
Former NSA employee: This hack gains access to your Mac's webcam

A former employee of the NSA details a method in which hackers could record your Mac's webcam and microphone without detection.

Eric Mack

An example alert from OverSight.

Screenshot taken by Gordon Gottsegen/CNET

Despite the security of Apple's OS X, Mac computers are not completely exempt from the occasional malware breach. Cyberattacks that involve a computer's webcam or microphone are particularly disturbing since users can be spied on without their knowledge.

Though Apple equips its Macs with a built-in light next to the camera (which is triggered whenever the webcam is in use, is visible to the user and is difficult to deactivate remotely), a former NSA and NASA employee discovered a hack that leaves users vulnerable.

Patrick Wardle, who is now director of research at the cybersecurity firm Synack, reported on the vulnerability Thursday during the Virus Bulletin conference in Denver.

The hack involves getting malware onto a victim's Mac without detection. The malware is then triggered when the webcam is activated by a legitimate application, like when a user launches FaceTime, PhotoBooth or Skype. Once the camera is turned on, the malware starts recording.

Because the malware "piggybacks" on other applications, the user is aware that the webcam indicator light is on, but remains unaware of any evidence of spying. The breach goes undiscovered and recordings are then sent to a remote hacker.

"As this 'attack' simply abuses legitimate functionality of the OS," said Wardle in an emailed response, "From the OS's point of view, the malware is not doing anything wrong or shady, [and] it's somewhat hard to prevent."

Wardle has, however, created a software program to combat this method of attack. Named OverSight, it works by monitoring the computer's microphone and webcam and sending out alerts when either is in use. The alerts let you know exactly which application is using your webcam, and the tool can detect if malware is piggybacking off of a legitimate program. OverSight also allows you to block the webcam if suspicious activity is detected.

Of course, there is one low-tech solution that prevents others from remotely accessing your webcam: covering it up with tape. Though the method is unpolished, it doesn't require any additional software downloads, and, hey, both FBI director James Comey and Mark Zuckerberg do it to their computers.

Apple didn't immediately respond to a request for comment.