I saw a story on CNN (which I almost never watch) about a growing trend… an alarming trend. I bring it to your attention so that you can take steps to guard against a really nasty hack.
It is possible to receive an email that has a trojan horse in it. Once on your computer, the hacker can access your webcam and… stream it or take images. Those images can then be used to blackmail you into doing more and horrible things.
Blackmailers trade nude pics like baseball cards on the ‘dark web’
Be aware of this. These interwebs are changing our lives in positive ways, but bad people figure out how to do old bad things in new horrible ways. The force multiplier that is the internet can ruin lives, not just improve them.
Be careful, people, about your emails. Be careful with what you click and send. You would do well to treat your devices with a measure of wariness.
Loading ...
For those who have a built-in webcam, an old school trick can be good – put a piece of black tape over it when not in use.
It is generally a good policy to never click on a link inside an email unless you are 100% sure of the source (for example you just registered with a site and they sent you a confirmation link to click). Oftentimes people’s address lists get hacked so just because it came from an address you know that is no guarantee.
If I did have a webcam on my home computer (which I don’t) all the hacker would see is a wall of mostly Catholic books with one shelf of Aubrey/Maturin novels, not very exciting.
Yes, black tape is good, but this does go to the issue of why people leave a live feed turned on at all hours of the day and night. I know it is a pain, but the simplest way to stop this is to turn off and unplug your computer (both electrical and Ethernet) when not in use. Not only will it prevent live-feed stealing, but it will save money. I suspect that putting computers in rooms where one changes clothing or in front of a bed is asking for trouble. Of course, you could put a crucifix opposite the wall that has the webcam. Also, most of those nude videos are of young women, I suspect, and that is not, necessarily, a computer problem, but a culture problem.
Of course, we could go back to dial-up, like I have. They would get one frame grab per five minutes with my set-up.
The Chicken
A question, once something is “infected” by criminal enterprise, etc., what is the best way to proceed? To ditch altogether and start afresh with brand new machine/device? If one were setting up a brand new system, other than warily not clicking everything in email, what would be the latest, updated guidelines to evade?
Yep to the tape suggestion. I put a small piece of ductt tape over my camera a couple of years ago, right after I first heard about this problem.
Removing the Trojan should be enough. A rootkit is much harder to deal with and a GPU rootkit is next to impossible to find. Of course, the safest current operating system is Linux. There has never been a sucessful remote exploit on a properly secured Linux computer (in fact, there were retired from blackhat hacker competitions because of this). It is almost (but not quite) impossible to install malware on a Linux box without you knowing about it. Having total control and access to the code is what makes this possible.
Macs, properly secured, are almost as malware resistant as Linux, since both are Unix-based systems, but Mac uses some proprietary layers above its base Unix code, which makes it more difficult to debug.
One has to learn about the most common malware vectors and prepare defenses. One of the other professors, somehow, got malware installed on a classroom computer I needed to use. It wasn’t hard to spot the malware (browser redirected to the same page too often), but if it is not your machine, it is hard, sometimes, to spot changes. I called our IT people to re-image the machine.
How can you stop malware? Other than common sense, you can’t, without having a lot of experience. The NSA can do an interrupt from the network switches. There is nothing you can do about that. More common script-kiddie malware is easier to deal with. Use SSL, a firewall, and password protection before any code can be run. Don’t open suspicious attachments or give out personal information to untrusted site. Of course, if you are paranoid, you can run a custom OS off of the mainstream and use site-to-site encryption, but if you know how to do all of that, you, already know as much as the hackers. After that, it’s all a game of tag.
The Chicken
My husband grew up behind the Iron Curtain and has always been (rightfully) paranoid about these types of things. We only plug in the webcam when it is in use. Also, our Xbox Kinect sits in a drawer when not in use.
I put a bandaid on the problem–literally. They stay a treat and do not leave anything sticky on the lens of the camera should I ever want it.
But I had to laugh since I hacker might get video of me doing my Rosary or squinting at the screen.
Still, thanks for the suggestion. But that won’t help with the audio if your device has it. From what I read even our TV has a microphone to listen in on us– I never thought I would EVER see the monitoring described in Orwell’s book 1984 in our homes– yet with our computers and smart phones and intelligent TV systems all starting to overlap and merge– we are in effect there.
Folks, they can also do the same with your cell phone, so tape that over as well.
Let me guess: CNN was on in an airport?
Probably the simplest solution is not to do anything that you could be black mailed for; then turn the computer off.
I suspect that the majority of nude photos being shared were taken to be sent as sexts. Younger and younger girls are being asked to send nude pics to their peers. I can’t understand why parents give tweens and teenagers smart phones. Good grief- I didn’t even have a cell phone or pager or email address in high school and I still found plenty of ways to do stupid things. The difference is, there’s no digital record of my stupidity.
I don’t bring any tech with me in the bedroom at night, and my computer cameras have stickers covering them.
I’m not taping over anything.
I don’t undress in front of my computer (or my smart phone). All they will get is a picture or many pictures of me looking at the screen. If anyone thinks they can blackmail me with that, they are welcome to try.