Has My Webcam Been Hacked?Posted By : Ken Colburn of Data Doctors on August 9, 2013
My webcam’s LED seems to flash on and off at random moments…can my webcam get hacked?
This question was answered on August 9, 2013. Much of the information contained herein may have changed since posting.
There’s absolutely no question that the ability to remotely access your webcam without your knowledge exits. A fairly high-profile arrest was made back in 2010 of a man that had compromised over 100 computers and was remotely turning on webcams to take secret movies to blackmail the victims.
The mere fact that the LED is randomly flashing isn’t necessarily an indication that your computer has been compromised, but it’s certainly worth investigating.
The technique for remotely accessing your webcam is made pretty simple if you let your guard down and allow malware known as a RAT (Remote Administration Tool) to sneak into your computer.
A RAT is an actual program that can get silently installed if you unknowingly fall for a scam that convinces you to upgrade a video player, run a security program or if you frequent sites that claim to have free downloads of copyrighted material such as movies, music and expensive computer software.
The hacker that got arrested in 2010 basically set traps on networks that shared illegal downloads, because he knew that people would willingly open the files in hopes of getting something for free.
There are some basic troubleshooting steps you can perform that may help you determine what might be causing your webcam LED to randomly flash.
Start by rebooting your computer and watching your webcam after the system has completely loaded to see if the LED starts to flash with no programs running. It may flash once or twice during the startup of the computer, but if it’s still randomly flashing 10 minutes after you started the computer with no programs running, you’ll need to investigate what programs automatically load at startup.
A quick way to see if you should be concerned on a Windows system is to open the Task Manager (Ctrl-Alt-Del) and click on the Processes tab to look for ‘winlogon.exe’. If you see more than one instance of the winlogon.exe process, you should immediately disconnect your computer from the Internet and have it looked at as this is a clear sign of unusual activity.
By the way, accessing your webcam remotely isn’t something that is specific to Windows as any computer that has a RAT installed (including Macs) can be remotely controlled, because that’s what the tool was originally designed to do.
If your LED isn’t flashing after a clean start, open your default browser and see if it starts flashing. Some browser plug-ins or extensions may do a sweep of your computer just to determine if a webcam is present, so you can try disabling the plug-ins one at a time if that’s the case.
If it’s not your browser, you can try opening your programs one at a time to see when the LED starts to flash. The process can get a bit tedious, but it’s about the only way to figure out what is randomly accessing your webcam.
There are lots of people on the Internet suggesting that if you’re concerned about your webcam being secretly turned on, you should put a piece of electrical tape or a bandage over the camera, but that’s like sticking your head in the sand.
In order to remotely turn on your webcam, a hacker would have to have complete control of your entire computer including access to all your personal files, so making sure you’re not infected is the proper advice as turning on your webcam would be the least of your problems.
Making sure you keep your operating system and security programs up-to-date will go a long way to protecting you, but nothing can help you if you engage in risky behavior. Today’s malware is quite capable of side-stepping or disabling your security programs if they can just get you to run the booby-trapped file so be very careful what you allow to run on your computer.
Need Help with this Issue?
We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!
Posted by Ken Colburn of Data Doctors on August 9, 2013