You have probably never thought about it seriously, and was probably never warned! Fact is, you need to secure your webcam at home to avoid being hacked by someone online. Webcam hacks have become a favorite pastime for snoopers who unashamedly peek into your private lives and share their findings with the world.
The exploit has spread to smartphone and tablet front-facing cameras, and the whole array of Internet of Things! Drones too are not spared. It gets worse now that CCTV and IP cameras are installed in multiple homes, and connected to the Internet!
How Webcam Hacking Works
For anyone to access your smartphone or computer camera, he or she must be able to install a back-door or rootkit software on your computer using a Trojan horse. Upon execution of the malicious file, your IP address will be relayed back to the online criminal.
In what is known as camfecting, a Trojan execution file will be shown to you as a cool tool to help you solve a problem on your computer. Then it will install client hack tools and shell command capabilities and amongst many trickeries, will monitor hardware and computer keystrokes.
Then with the help of remote administration Trojan (RAT) application, your computing devices can be manipulated without you ever suspecting. Your storage media, web activities, microphone and webcam are turned into ‘slaves’.
A Trojan will manifest as:
- antivirus or other malware software
- friendly mail or pdf file
- network link
- smartphone app
The inadvertent installation of Trojan files in your computer will give direct access of your tech device to the remote hacker, who upon firing up remote administration tools will monitor and tweak hardware and software on your personal computer or other devices.
Below are some examples of remote administration exploit tools:
- Blackshades Remote access Trojan
- Back Orifice
- Lost Door Remote Administration
- Skype Webcam Hacker
- AndroRAT for Android
Besides installing trojans, hackers also use sophisticated online tools and brute-force attacks to access IP cameras connected to the internet. So, every time you are monitoring your home from your camera in the office, you probably have someone alongside you surfing through the videos. Beware!
You can secure your webcam at home with the following tricks
Whereas you have no control over government security webcam installations, live cams and hobbyist webcams that are streamed online, you should have a degree of control over what is harvested from your house.
1. Be Wary of Downloads, Apps and Links
Secure your webcam by staying away from unsolicited files, apps, and links. Hackers will always exploit your curiosity by exposing your eyes to friendly emails, images, video files, apps, downloaders, malware removal tools, unsolicited Skype chats, and other social engineering hacks.
- don’t open files whose sources you don’t know
- avoid installing apps you don’t know
- don’t open mail, images, links, PDF files you don’t know
- be wary of those downloaders that want to self-install
- be wary of mobile apps that want to access your smartphone camera
Make sure to read app reviews and monitor what or who you are dealing with online before downloading or opening unfamiliar files.
2. Install and Update Security and Other Software
Secure your webcam by installing trusted security software on your computer, and update these regularly. Likewise, install trusted mobile antivirus and Virtual Private Networks apps in your mobiles.
Good anti-malware software will throw up red flags whenever Trojans try to download and install.
To complement this, allow the security software to remove malware immediately and exercise caution when including apps in the Exception list. Adding
Trojan files in antivirus exception list will leave your computer open to all kinds of remote attacks.
Further still, get into the habit of running whole computer scans regularly. This way, the security scan will pick up hidden rootkits and backdoor threats that went unnoticed in previous scans, probably because of outdated virus definitions.
Update other applications such as java.
3. Keep an Eye on Webcam Light
Usually, the webcam light will turn on whenever the laptop webcam is in use. This alerts you the camera is rolling, and someone is watching you.
If the light turns on without you using the application, then, some remote script could be running in the background. Check to make sure you did not start the software accidentally and that you are not being watched!
However, you should not solely rely on the cam light to sense trouble. Some Webcams don’t light up either because the camera light has malfunctioned or the remote script has disabled it. Again, many smartphone cams do not have lights thus giving the hacker a leeway.
In 2013, successful exploits managed to turn on MacBook laptop webcams without triggering its lights! Make sure to close the lid or completely turn off the laptop if you are not using it.
4. Cover the Webcam
You will want to secure your webcam by covering it until such a time you will need it. Cover the webcam using a post-it note or sticky tape but remember not to mess it up by using excessive adhesive.
Of course, the recourse changes when it comes to your smartphone. With the selfie craze all around us, you may want to have your front facing camera on at all times. For mobiles, therefore, make use of other preventive measures explained herein.
5. Disable the Webcam
You should also consider disabling the webcam in your computer if you are not going to use it. Apart from the usual video chats via Skype and other tools, webcams are utterly useless when it comes to taking photos.
If you do not rely on your laptop for communication, consider disabling the webcam completely. For Windows users, this can be done in Device Manager or the BIOS setup page.
Right-click the laptop webcam under Imaging devices and select Disable.
6. Use Secure Passwords
All computers and mobile devices in your household should be secured with passwords. In addition, set them to request for passwords whenever they wake up from Sleep or Hibernation. This may help against exploits which are targeted at idle devices.
Secure passwords should also be the ultimate solution if you have installed CCTV and IP cameras and network devices. Ensure to change the default passwords that ship with the devices.
8 character or longer password comprising upper- and lower-case letters, symbols and numbers should help dissuade hackers from exploiting your installations. Long passwords are harder to guess.
Improve overall home security by changing your passwords every once in a while, and making sure they are well encrypted. You don’t want to be smoked out at the storage level.
7. Don’t Jailbreak or Root your Smartphone
Apple endeavors to improve user security in every version of new IOS firmware. But this security is easily breached when you choose to jailbreak your iPhone.
When you jailbreak an iPhone or root an Android device, you basically interfere with security checks and limitations that are written within the firmware.
A jailbroken iPhone allows good and evil third-party apps other than those sanctioned by Apple to install and run.
Xsser mRAT, PlaceRaider, AndroRAT are just a few examples of remote access exploits that can run on jailbroken and rooted Android devices while transmitting phone contents and images to remote users.
In order to secure your Apple device, do not jailbreak it and always update to the latest firmware. For Android users, install and run trusted anti-malware apps while watching out for malware apps!