Security & Privacy

Your Mac’s Camera Can Be Hacked

Posted on September 19th, 2016 by

mac-webcam-spyware-article

You might be asking, "Is my Mac's camera hacked?" The truth is your webcam can be accessed without your consent, and therefore covering your Mac's built-in camera is a good idea. Don't take my word for it, just see what FBI Director James Comey has to say about it:

There’s some sensible things you should be doing, and that’s one of them,” Comey said regarding webcam covers. “You go into any government office and we all have the little camera things that sit on top of the screen. They all have a little lid that closes down on them. You do that so that people who don’t have authority don’t look at you. I think that’s a good thing."

He said this while speaking at a conference. Looks like Mark Zuckerberg had the right idea.

But come on, no-one is spying on little old me, right? Are you confident you'd be able to tell if your Mac's camera was hacked?

Anyone who uses the built-in iSight camera in their iMac or a MacBook knows the little green light will turn on when the camera is in use. However, not only has this indicator light been disabled successfully in the past, you really won't notice the light turning on for a fraction of a second while a picture is being taken. Hardware is now fast enough to activate the camera, take a picture, and then turn off the camera again in the time it takes you to blink. Even if current spyware is unable to disable the light, chances are you won't see it when it does come on.

Covering the webcam on your computer is a good idea

We don't even need to go that far back in time to see an example of malware that has the ability to use your webcam against you, amongst other things. Then there was the Eleanor malware shortly before that, and just to demonstrate this is not a new idea, here's another one, called BlackHole RAT, from a while back. Let's not forget well-funded nation states that use some pretty darn sophisticated tricks to get what they want as well. One example is the Trident exploit that was discovered on iOS, which could have just as well been unleashed on OS X before Apple patched the exact same vulnerabilities there about a week later.

Your webcam can be accessed without your consent, and there is malware out there that makes it happen on a somewhat regular basis. Some we know of, most we probably don't know of. So what can you do? Cover your webcam, silly!

This can be as simple as a sticky note on the camera or, if you want it to match the color of your bezel, some electrical tape. The solution depends on how often you use your camera.

Personally, I never use the camera on my MacBook Pro, so for me some electrical tape does the job. It sits flush, matches the color of my display bezel and I hardly even notice it's there. My wife, who uses FaceTime often on her iMac, found a sliding webcam cover that gets the job done and doesn't look half bad. For laptops, just make sure the solution is thin enough to allow the lid close properly and not scratch the aluminum. Closing the lid on your laptop is another solid way to make sure nothing can be seen through your webcam. 😉

There is no right or wrong way, just the way that works for you.

How about the microphone? Malware that accesses your webcam also uses the microphone to capture sound. A quick test showed that a piece of electrical tape over the microphone muffles or blocks sounds just enough so that normal conversation cannot be picked up. It is not possible to completely mute the microphone, unfortunately, as it will always pick up some sounds.

On older laptops, the microphone can be found on the side of the body and on iMacs the microphone sits on the top of the bezel right above the camera. The Mac Pro and Mac mini don't have built-in microphones. Covering the microphones in newer MacBook Pro's can become tricky as they are inside the speaker grill. Covering the microphones would mean losing a speaker, which is a sacrifice I doubt anyone would make.

If defacing your Mac is simply not an option, exercise common sense when browsing the web or downloading files, and use a good antivirus and firewall. Keeping malware from even being installed on your Mac is, of course, the best remedy — but this is not always possible. This is where an antivirus will hopefully detect any malware that does make it on to your Mac. For good measure, a two-way firewall with outbound data protection will alert you if anything attempts to make an outgoing connection (upload a webcam snapshot to an off-site server, for example). A good combo-package that includes an award-winning antivirus and firewall is Intego's Mac Internet Security X9 bundle.

About Jay Vrijenhoek

Jay Vrijenhoek is an IT consultant with a passion for Mac security research. He conducts independent malware protection tests, and also writes about privacy and security related matters on his blog Security Spread. Follow him on Twitter at @SecuritySpread. View all posts by Jay Vrijenhoek →
  • elijah

    my green light turned on for a while, my computer asked for my facetime password, i declined it and 20 seconds later it turned off

  • Kirk Slow

    I have noticed that while using facebook that ther is advert targeting based on who is in front of my computer. NO GREEN LIGHT

  • Hartomo Effendi

    I got the following email today. Is it true or fake ? because he/she told that they have my screen record and cam record. I use macbook pro. Please kindly help

    =========================================================
    Whats good.

    I do not presume to judge you, but as a result of few occasions, we have point of contact from now. I do not think that caress oneself is very amiss, but when all your relatives, colleagues and friend see it- its definitely awful.

    So, closer to the point. You visited the website with роrn, which I’ve adjusted with the virus. After you clicked on a video, virus started working and your device became function as rdp immediately. Obviously, all cams and screen started recording instantly and then my virus collected all contacts from your device.

    I text you on this e-mail address, because I’ve collected it with my soft, and I make no doubt you for sure check this work address.

    The most interesting point that I edited video, on one side it shows your screen record, on second side your cams record. Its very funny. But it was sophisticated ,so I proud of it.

    As a result- if you want me to delete all this compromising evidence, here is my Bitcoin account address- 1J9x82ahoPqHS89a5DxD1hPUjontxFqxXa (it must be without «spaces» or «=»,check it). If you do not know how to make btc transactions, you can ask google or youtube for advice- its very easy. I suggest, that 310 usd will solve our problem and will destroy our point of contact forever. You have thirty hours after opening this letter(I put tracking pixel in it, ill know when you read it). If you will not pay me, ill share the evidence with all contacts I’ve collected from you.

    I do not think that cops can find me for only one day(not even 10 days), so think twice, you can lose your honor. Sorry for misprints, I am foreign.

    • Ruben

      No one responded to you… but I am dying to know, was it real?

Sign up For Our Newsletter

Get the latest Mac security news direct to your inbox.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}