The RATs Who Can Control Your Webcam
A disturbing new article by Nate Anderson at arstechnica – details the tool that can provide unauthorized access to your webcam and how it is being used.
“See! That sh*t keeps popping up on my f*****g computer!” says a blond woman as she leans back on a couch, bottle-feeding a baby on her lap.
The woman is visible from thousands of miles away on a hacker’s computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman’s screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman’s computer.
The woman is startled. “Did it scare you?” she asks someone off camera. A young man steps into the webcam frame. “Yes,” he says. Both stare at the computer in horrified fascination. A picture of old naked men appears in their Web browser, then vanishes as a McAfee security product blocks a “dangerous site.”
“I think someone hacked into our computer,” says the young man.
Far away, the hacker opens his “Fun Manager” control panel, which provides a host of tools for messing with his RAT victims. He can hide their Windows “Start” button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he settles for popping open the remote computer’s optical drive.
Even over the webcam, the sound of shock is clear. “Stay right here,” says the woman.
“Whoa!… the DVD thing just opened,” says the young man.
The hacker sends the pair a message that reads “achoo!” and the young man laughs in astonishment. “Disconnect from the Internet,” he says. “Your laptop’s going to go kaboom next.”
—Meet the men who spy on women through their webcams | ARS Technia | Nate Anderson Mar 10 2013
Stemming the proliferation of RAT tools is an impossibility — there are too many and “source code is in the wild.” But, advises Ars Technica, there are some basic precautions one can take to avoid ratter slavery (which largely boil down to “avoiding dodgy stuff”):
Use a solid anti-malware program, keep your operating system updated, and make sure plugins (especially Flash and Java) aren’t out of date. Don’t visit dodgy forums or buy dodgy items, don’t click dodgy attachments in e-mail, and don’t download dodgy torrents. Such steps won’t stop every attack, but they will foil many casual users looking to add a few more slaves to their collections.
—How hackers spy on women through their webcams | Salon | NATASHA LENNARD Mar 11 2013
There is one foolproof way to avoid an increasingly terrifying group of perverted cyberspies who are hijacking (mostly) women’s computer cameras: Buy a new computer that has a light that goes on whenever your webcam is in use, whether you know it or not. [Update: Tape also works.] Ars Technica’s Nate Anderson details “the Internet’s Wild West” of remote administration tools (RAT), which are as scary for their description of female hacking victims as “slaves” as they are vulnerable to the little known little green light, which is installed on all Macbooks. “If someone release[s] soft[ware] which will disable the led cam light he will be the richest man in HF [Hack Forums]!!!” wrote one user on Hack Forums.
—How Women Can Stop Webcam Hacker Creeps from Watching You | theatlanticwire.com | REBECCA GREENFIELD Mar 11 2013