Mac Cam Hack 2017 Security Warning

Ever use your iPhone or iPad to access social media while you’re in the bathroom?

Of course you have. But you might not have realized that you were inviting a potential audience to hang out while you’re doing whatever it is you do in there. That’s because once you grant an app access to your camera, it can snap photos and videos without telling you, whenever it wants to (with both the front and rear cameras), upload the content, locate you with image data, run facial recognition on whatever it sees, and record you – all without a green light to indicate what it’s up to.

Jul 18, 2020  Read the original article: Top Stories: Apple Warns About MacBook Webcam Covers, iOS 13.6 Released, Apple Hacked on TwitterWhile much of our attention has been focused on iOS 14 over the past weeks, Apple was finishing up some final updates for the iOS 13 series of releases, and this week delivered iOS 13.6 and associated updates for other platforms to the public. The general concept regarding Apple devices is that they are secure from growing number of malware and other cyber attacks, but the reality is far from the truth.In the latest campaign, cybercriminals have infected hundreds of Mac users by distributing Proton malware by compromising Elmedia Player software. According to IT security researchers at ESET, this happened when attackers infected. OverSight will pop up an Allow/Block warning with details about what triggered it. And a free version CameraGuard alerts you to use of your camera. A paid version ($30) adds microphone blocking. Oct 02, 2017  A backdoor in Hikvision security cameras was recently exploited which led to compromised devices displaying the term HACKED. Owners of Hikvision security cameras recently noticed an alarming change in the display of the camera. There was a sudden change in the live feed display where the usual footage was replaced with the word HACKED.

Nov 21, 2016  Security cameras in front of the giant portrait of former Chinese Chairman Mao Zedong on Beijing's Tiananmen Square, Nov. May 07, 2017  Handbrake Developers Issue Mac Security Warning After Mirror Download Server Hack Sunday May 7, 2017 3:17 AM PDT by Tim Hardwick The developers of open source video transcoder app Handbrake have.

No LED, no light, no phone clearing its throat in embarrassment – just you and your quiet buddies, the camera-happy apps.

It’s always been this way. We just didn’t notice. Until, that is, Felix Krause pointed it out.

This is what a bad app (Krause imagines a “messaging app or any news-feed-based app”) could get up to by using regular iPhone/iPad camera permissions:

  • Access both the front and rear cameras.
  • Take pictures and record videos any time the app is in the foreground.
  • Find out where you are using the Exif data embedded in images.
  • Upload pictures or videos to the internet.
  • Detect facial features or expressions.
  • Run real-time face recognition.

Krause’s theoretical bad app could abuse its go-ahead-and-use-the-camera-whever-you-like access wherever you use your device: in your bathroom, in the bedroom… or a gym locker room… or the nursery… or the playground… for similar privacy-invading naughtiness.

If any peeping Toms wanted to weaponize this loophole, you can imagine what would result: something like a pocket-sized version of a hacked webcam.

You’ve heard of the creeps who trick women into taking their webcams into the shower? Given that this privacy loophole subtracts the tedious and not 100% guaranteed success rate of the “talking them into it” part of the equation, and bingo! You could wind up with the perfect stalker app.

What’s that, you say? You never grant camera permissions to apps? HA!

Krause points out that if you’re using a messaging service, like Messenger, WhatsApp, Telegram or anything else…

chances are high you already granted permission to access both your image library and your camera. You can check which apps have access to your cameras and photo library by going to Settings > Privacy.

The only sure way to protect yourself is to put tape (or a webcam cover) over your camera lens, he says, just like we all use on our laptop cameras or other webcams (because you do that, right? Hell, even Mark Zuckerberg applies sticky technology!).

Of course, sticky notes can’t protect you from your device’s microphone recording you without letting you know. If an app can use your mic, then guess what?

It can use your mic.

We don’t know of a modern phone that has either a webcam or a mic LED (nor of a laptop with a mic LED), so this is kind of the way of the world, isn’t it?

Well, the app *could* indicate whether it was recording you… though it might not. As always, it depends on who, or what, you trust.

And when it comes to trust, Apple’s iOS apps don’t tend to grab the headlines as much as Google’s Play store apps when it come to misbehaving (Google’s so keen to clean up the Play store malware muck that it’s now paying bug bounties even on third-party apps), but they’re not immune from jerky apps.

Take, for example, the iOS version of AccuWeather: a researcher recently found that it tracks you even when you explicitly tell it not to.

Sure, it’s always been this way, but it reminded Naked Security’s Mark Stockley of Google’s Your Timeline – something that follows you around, painting a very accurate picture of your daily life, typically without people realizing that they’d ever turned it on.

Mark’s musings:

My laptop has a green light. Even Google glass had a light. My phone does not have a light AFAIK but it never occurred to me before.

Or perhaps it’s like Facebook tracking your mouse movements and keystrokes. Sure, I know it can do that because I know how JavaScript works, but does my Dad?

We expect a web page to wait for us to click a button before it grabs the data that we’ve put into a form. But it’s a convention, not an actual feature. Only we don’t know that it’s a convention because our mental model is conditioned by the behavior of all other forms in all other contexts, and the presence of a “submit” button.

Mac cam hack 2017 security warning update

By convention apps that take a photo have a button you press to use the camera. Our expectation is that WE control the camera via the app, not that the app controls the camera but elects not to exercise that control until we use the button it’s done us the courtesy of rendering.

If only our phones, and laptop mics for that matter, had hard-wired green lights.

How to keep your camera out of your business

While we wait for our green lights, it’s easy enough to change the setting as needed. If an app wants the camera when you’ve blocked it, it will remind you but won’t get access until you go into Settings and change it.

Be careful which apps you trust with the camera or microphone, and shut them down (double-press home and swipe them closed) when not using them. Don’t leave them running in the background.

Mac Cam Hack 2017 Security Warning Update

Naked Security’s Paul Ducklin says he tries to close all running apps on his phone – email, Safari, Twitter and so on – before he “airplanes” it for the night. Doing that means he starts each day with an empty process list of apps. “Less is more,” he says.

Another tip from Paul is to regularly review your apps from the Settings page to see which ones have camera and microphone access. For example, only allowing Twitter to access your camera when you’re ready to tweet pics.

This is what your Settings menu would look like:

But in Twitter, it would be set up like this until you’re ready to grant access:

Finally, we’d be remiss if we didn’t note that Paul trusts the free Sophos Mobile Security iOS app to use his camera. (He uses it to read QR codes because it checks the URLs for malware when it scans code.)

Security


An increasing number of users are experiencing issues with Safari. Specifically, a pop-up alert window appears saying that their Mac may have been hijacked or that there is a “suspicious activity” or that their Mac is infected with a virus.

See also: Phishing for Apple ID Accounts: Scam Emails and Texts.

You may see a popup message something like this:

Critical Security Warning! Your Mac is infected with a malicious virus attack. Please contact tech support at +1-888-307-2735 and provide error code WBACK7917 to scan and resolve any potential threats to your personal and financial information, which was being tracked by suspicious connection. Consequently, we are performing additional security checks to verify the source of the attack and have halted all your system resources in order to prevent any additional damage to your system and information.”

This is a scam message targeting Mac users. Safari (Explorer, Firefox, Edge, or Chrome) will look unresponsive and locked and you will not be able to close the popup.

This is a common method that scammers use to scare people. In fact, they are a lot of different methods to steal your money, personal information, or even identity.

This is just a JavaScript pop-up. Just keep calm. Do not worry, this is not a virus. And further, your Mac has not been infected with any malware. This message is designed to scare and deceive Mac users into thinking there is something wrong.

Do not call the number on the message. And do not click the “OK” button. If you call the number, whoever answers the phone will ask you to access your Mac remotely. Or they may ask you to pay between $100 and $500. Do not do this. They are trying to steal your money. And do not share your personal information.

The popup also has a phone number. The number does not belong to Apple. If you need to contact Apple, contact only via its official number or website.

If you worry about viruses, you can prevent viruses and other malware on your Mac. You can make your Mac more secure.

There is another similar phishing scam: Mac: Your System Is Infected With (3) Viruses.

Here is how to fix security alert messages:

Follow the steps below:

  • Force quit Safari by pressing Command-Option-Esc. Or click the Apple menu and select Force Quit.
  • Force Quit window will appear.
  • Select Safari.
  • Then click Force Quit.
  • Now you need to restart Safari. But if you start Safari normally, the popup may appear. Now while pressing the Shift key, launch Safari. This is an important step. This will restart the browser without reloading previously open sessions.

If you are still experiencing this problem:

Mac Cam Hack 2017 Security Warning System

  • Force quit Safari.
  • Relaunch Safari while holding down the Shift key.
  • Turn Wi-Fi off. Simply click the wireless icon in the upper left corner then choose Turn Wi-Fi Off.
  • Visit a web site e.g. apple.com.
  • Now connect to the Internet by turning Wi-Fi on.

Mac Cam Hack 2017 Security Warning Download

Note: You may also want to clear your browser history. Choose History > Clear History. You may also want to clear your cache.

Mac Cam Hack 2017 Security Warning Free

See also: Mac Stuck On “Setting up your Mac”, Fix