Yes, Your Webcam and Phone Camera Can Be Hacked

Posted on by

Like any device connected to the internet, your cameras are susceptible to hacking. While attackers often focus on large spy targets like critical infrastructure , individuals are not immune. Your webcam, security camera, and even baby monitor can be used for a variety of malicious purposes, but advanced cybersecurity practices can significantly reduce your risk.

Internet-connected cameras vulnerable to hacking

Webcam hacking provides remote access to your device’s camera, allowing attackers to view and record the camera feed. This means they can turn your camera on and off, see what the camera sees, and take photos and videos. Potential risks here include everything from spying on your personal movements and private activities to recording footage for blackmail and “shoulder surfing” to steal data to track you when you’re at home. Live streams can also be distributed or sold on the dark web, putting your privacy, digital security, and possibly your physical safety at risk.

It’s not just your phone and computer that are at risk. All kinds of internet-connected cameras commonly found in consumer homes — security cameras, pet cams, baby monitors, and smart bird feeders, to name a few — can be hacked relatively easily. These cameras could be integrated into botnets or give attackers access to other devices on your network. A recent report from cybersecurity company BitSight ( covered by 404 Media ) found that content from more than 40,000 unsecured cameras had been published online, and the researchers note that this estimate is likely very conservative.

Surveillance camera networks are also widespread and permeate our daily lives. The Electronic Frontier Foundation has documented some of the ways in which video surveillance is conducted and used in cities across the country, from automatic license plate readers to mobile surveillance towers. Of course, the data is available to law enforcement, but these cameras have also been targeted by hackers who post live feeds online. BitSight has also found hacked cameras in public places like gyms and stores.

How Hackers Access Your Camera

Hacking the webcam on your phone or computer is primarily the result of malware that allows attackers to remotely take over your device and access your camera. Programs such as Remote Access Trojans (RATs) are usually delivered through phishing attacks that trick you into clicking links to download and install malicious applications.

Other cameras connected to the Internet can be accessed remotely using default manufacturer usernames and passwords, which are often publicly available. Weak credentials can also be brute-forced, and older devices that no longer receive security updates may be particularly vulnerable to hacking.

You can search for your camera on Shodan.io , which scans internet-connected devices, or try accessing it from a device outside your home network without signing in via a secure app or VPN. If you succeed, your camera may be compromised.

There are also a few red flags that indicate your webcam may have been compromised. The obvious one is if the camera light is on or flashing when you’re not actually using the camera, such as for a Zoom meeting or video call. Other signs of a malware infection include a rapidly draining battery, suspicious or unfamiliar apps or files on your device, strange network activity, and unexpected changes to your webcam settings.

What do you think at the moment?

How to Prevent Cameras from Spying on You

Good cyber hygiene is essential to protecting your devices from hackers. Be careful when clicking on links found in emails, text messages, social media posts, or other communications, as these may be phishing links used to distribute malware that takes over your device. Never follow commands for CAPTCHA tests, a tactic often used in ClickFix attacks .

Keep your devices, including any internet-connected cameras, up to date with the latest firmware. Enable automatic updates if available, and regularly check for security patches that address vulnerabilities. Change the default usernames and passwords on your IoT cameras to something secure and unique (again, these defaults are often publicly available). Firewalls and VPNs are also useful tools for blocking unauthorized access to your network and devices.

This is also a good time to check which apps and services have access to your device’s camera, and disable any you don’t recognize or that aren’t necessary for the app’s functionality. Permissions are found in your device’s settings:

  • Windows: Start > Settings > Privacy & Security > Camera

  • Mac: System Preferences > Privacy & Security > Camera

  • Android: Settings > Security & Privacy Privacy > Permission Manager > Camera

  • iOS: Settings > Privacy & Security > Camera

Finally, a simple form of protection is a webcam cover (or even a piece of tape) that covers the camera’s view when not in use.

More…

Security

Leave a Reply