Recently, malware that hijacks webcams and microphones and secretly records users' remarks and actions has been circulating.
However, when it comes to similar malware for Mac, the situation is somewhat different. That's because Apple laptops have an indicator light built into the hardware that tells you when your webcam is in use. At least the user can know they are being watched.
However, if a newly discovered attack method that piggybacks on webcams that are already in use, this situation may change. Security firm Synack's Patrick Wardle will present his findings at the Virus Bulletin conference on October 6th.
Mr. Wardle, who has researched many malware samples, found that even on the latest Macs, attackers can use indicator lights to hide malware activity and easily detect the contents of calls and video chats. I think it is possible to record
In this "attack", the malware secretly monitors the system to see if the user has started a video session ("FaceTime" or "Skype" video call, etc.). They then covertly record the session by piggybacking on the webcams and microphones being used. Since the indicator is already lit, users will not see any signs of malware activity and can record both audio and video without fear of being noticed.
In the end, what hackers and nations want to see is not the user who sits in front of the desk all day and squirms around, but the content of calls and video chats.
Mr. Wardle pointed out in an e-mail to the author that when a user is using a webcam or microphone in a legitimate way, there is a high possibility that they are handling information with a higher degree of confidentiality. ing. For example, a conversation between a journalist and an informant, an important meeting with a business executive, or a private FaceTime conversation with a partner can all be invaluable.
The new tool "Oversight" created by him aims to block connections to unauthorized webcams that try to piggyback on legitimate video calling apps, and to notify users when the microphone is being used. Thing.
This tool notifies the user when malware tries to piggyback on a session using the webcam so that the user can block the abuse. Wardle said the tool logs that process, allowing security experts and system administrators to investigate further.
Oversight, a tool written by Wardle, courtesy of Patrick Wardle
Fortunately, Mr. Wardle has yet to find malware for Mac that uses this technique, but he states that it is not difficult to implement.
Mr. Wardle publishes this app for free on his website.
This article was originally published by CBS Interactive and edited by Asahi Interactive for Japan.
![Advantages of "Gravio" that can implement face / person recognition AI with no code [Archive distribution now]](https://website-google-hk.oss-cn-hongkong.aliyuncs.com/drawing/article_results_6/2022/2/25/98ceaf1a66144152b81298720929e8e7.jpeg)