Leave Your Webcam On 24/7? Might Want To Reconsider...

| | Comments (2)
It's nothing new that many hackers use programs that allow them to "spy" on their victims once they've compromised the PC (as long as they have a webcam switched on, of course). Similarly, hacking culture has always had a fascination for memes, incorporating them into part of the design of their latest DDoS tools.

However, the strange obsession with shock memes has now spilled into a "fun" game currently doing the rounds on various hacking sites and forums.

What this involves is hackers compromising a PC (using whatever hacking tool they feel like that allows them to connect to a victims computer, there is no specific Executable used for this), ensuring the victim has a webcam switched on then opening up shock meme websites at the most inopportune moment, recording the moment of impact with the webcam feed. Or, as one guy put it:

spinny1.jpg


If you don't know what Meatspin is, you can probably count yourself lucky. If you still want to know, click here (for an explanation. Not Meatspin itself, though the explanation might be classed NSFW anyway).

Here's a real life example of one such incident, taken from a message board:

spinny2.gif
Click to Enlarge

Typically, the shock meme website is opened up at full blast, which startles the victim (most sites of this nature loop a piece of music in the background while the, er, action takes place on screen). The bigger the shock, the better. Here's one guy who sounds like he shot about six feet in the air when the meme site fired up in his browser:


spinny3.jpg
Click to Enlarge

This might all sound like fun and games - sort of - but note that the above individual did try to grab the victims credit card details.

Generally, the attacker doesn't interact with the victim (because they want friends, relatives or others to think the victim actually brought the site up themselves) but here's a little trash talk anyway:

spinny4.jpg


At this point, the attacker may or may not grab a screenshot for posterity. I've seen quite a few galleries on sites comprised of people looking shocked at Tubgirl, or being spun round baby right round by Meatspin, and there's no doubt countless others out there floating around. Of course, not everybody is shocked (or indeed impressed) by a shockmeme site popping up on their computer. As an example of that, take this guy:

spinny5.jpg


Full credit to anyone that counters a shockmeme site appearing on their desktop by picking their nose for five minutes. At any rate, the golden rule with this is that the hackers only bother doing this when a webcam is present and left switched on. If there's no webcam, there's no point trying to elicit a response (because for all they know they're popping open 2 Girls and 1 Cup to an empty server room).

Webcams can be a fun tool, but remember to switch them off every now and again or they could come back to haunt you. Of course, depending on the shock meme site deployed (and who happens to be in the room with you at the time), that could be the least of your worries...


2 Comments

So, do Mac's leave the webcam on? What about PCs with builtin cameras?

"So, do Mac's leave the webcam on?"

The above examples are all Windows PCs that have been hijacked (as far as we can tell - the people posting to those particular forums don't say what OS the victim is running, and there isn't a specific EXE being used for this). Basically, ANY client / server hacking program that allows the hacker to connect to the hijacked PC and view the target via webcam can be used for this, which on hacking forums usually means Win32 files. I've updated the blog to make that clearer, thanks for mentioning it :)

Of course, there could be Mac based hacking tools out there that allow the hacker to view the victim via webcam, but if there is I'm not aware of it (though I don't use or test on Macs anyway so I'm not the best source of information for something like that - everything I do is Windows based. Having said that, if I had a Mac, I'd switch off a webcam unless I intended to use it anyway).

As far as built-in webcams, they tend to be on laptops and not desktops, as far as I know - so just switch the cam off unless you need it, turn off the laptop overnight (so you don't get a rude awakening like the guy in the example) etc.

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on September 1, 2008 4:46 PM.

My First Rogue Cleaner Popup Of The Month was the previous entry in this blog.

Epic Cash Vs Zango - Legal Action Incoming? is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.