Skip to main content

Mac Malware Could Silently Spy on Webcam Conversations

Hey MacBook users: That Skype call might not be the only reason why the green light is on next to your webcam. There's a newly discovered flaw in macOS (and OS X) that could let miscreants peep on you while you believe you're safe.

In a presentation to be given this afternoon (Oct. 6) at the 2016 Virus Bulletin conference in Denver, Patrick Wardle, a security researcher and former NSA employee, plans to outline a vulnerability he discovered in how Macs handle webcam activation. The flaw lets malware lurk in the background, waiting for you to make use of your built-in webcam, and then activate, recording both video and audio.

MORE: 12 Computer Security Mistakes You’re Probably Making

Not only is this potential invasion of privacy troubling, but Wardle also notes that the malware could leverage APIs and recording technologies already in the operating system, so that the malware wouldn't be detected or blocked. Fortunately, Wardle told the UK-based The Register that he's never seen such malware in the wild, but he tacked on a warning that there "may be malware already (ab)using this technique that we just haven’t detected."

Wardle's presentation slides don't explain whether or not this piggybacking technique permits eavesdropping on both the incoming and outgoing audio and video of an online chat, but the fact that someone could silently record everything you contribute to a video conversation should be enough to give you some concern. 

If Wardle's name doesn't ring a bell, trust us that his advisories shouldn't be taken lightly. He's previously exposed how the dating app Grindr leaked user location data, and how Apple was slow to patch a security flaw that Microsoft handled years earlier in Windows. He also released a ransomware blocker for Macs when that breed of malware began to show its ugly face on Jony Ive's finely-designed digital doorstep.

What can you do? 

  • Fortunately for users, Wardle has released a tool that helps you keep track of who's accessing your webcam. It's called OverSight, and it sends users an alert "whenever a process accesses the webcam" and "when the internal mic is activated," which is important, considering that Macs provide no cues to the user in such circumstances.
  • Cover your webcam when you're not using it. It's an act endorsed by Facebook CEO Mark Zuckerberg, by FBI director James Comey, and, last but not least, by us.
After graduating from Bard College a B.A. in Literature, Henry T. Casey worked in publishing and product development at Rizzoli and The Metropolitan Museum of Art, respectively. Henry joined Tom's Guide and LAPTOP having written for The Content Strategist, Tech Radar and Patek Philippe International Magazine. He divides his free time between going to live concerts, listening to too many podcasts, and mastering his cold brew coffee process. Content rules everything around him.