Ransomware is a particularly nasty form of malware because it seeks to exploit computer users’ fear that their privacy has been compromised. As more and more malware is reported and makes the headlines, more of us become concerned for the safety of our data, as well as our own privacy and even personal safety. Ransomware, like the “your camera is hacked” scam, plays on that by sending you a message telling you that the hackers have images taken from your webcam while you were surfing the web. Usually, the message claims you have been visiting porn sites and that the webcam took a video of you while you visited the sites.
Can my Mac’s camera be hacked?
If it’s an external webcam, you’ll definitely know where it is. Webcams capture video live and send it back to your computer. They are normally used for video calls but they can be hacked like anything else electronic and transmitted back to another source, or in this case, another person. Checklist to See If Your Webcam Has Been Hacked. Top Ways to Know If Your Computer Is Being HackedSubscribe to Top 10s from Top 10s counts down the top Ways to Kno. One common symptom that the webcam has been hacked is the blinking LED light beside your web cam, which indicates that your web cam is running. You will need to find out what caused the web cam to turn on on its own. It could be apps installed in your computer or the extensions you installed in your browser.
The short answer is yes. It is possible for malware running on your Mac to turn on the iSight camera and record video or still images and audio from the microphone, and send it to a storage location on the internet. As recently as 2016, a backdoor called Backdoor.OSX.Mokes, a Mac variant of a piece of malware that had already been found on Windows and Linux computers, was discovered. According to Kaspersky labs, the backdoor could steal data, including Screenshots, Audio-/Video-Captures, Office-Documents, and Keystrokes. There have been other instances of malware that has this capability.
As reported at “Objective by the Sea,” 2019 security conference, 20% of Macs are infected by PUPs — Potentially Unwanted Applications.
What can I do to stop my camera from being hacked?
While some suggest using camera covers or lids to protect your privacy, we don't recommend doing so. Closing your Mac with a cover over the camera may seriously damage the display. Lids can also cover the light sensor and prevent your Mac from automatically adjusting brightness. There are other safe methods to make sure you're not being watched. We'll explain them below.
Doesn’t a green light come on when the camera is in use?
Yes, it does. Apple assures that the camera indicator is always lit if the camera is activated. It means no one can use your camera without you knowing.
But there are additional security measures you can take to control access to your camera.
Check what apps have access to your camera
If you think that your camera might be hacked, it’s a good idea to check what programs on your Mac are allowed to access it. You can easily check the current permissions with the help of the freshly-baked feature in CleanMyMac X. It’s called “Application Permissions,” and it allows you to stay in the know of your app permissions. If you're running macOS Catalina, you can check what programs can access your camera, microphone, files, and folders in just a few clicks.
CleanMyMac X has a free trial version, so try it out and keep your data safe!
I thought you said the “your computer has been hacked” thing is a scam?
It is. While it’s possible to steal video, audio, and photos from your webcam and microphone, and malware exists that can do it, that’s not what’s happening in this case. The porn blackmail scam that sends out email messages claiming your webcam has been hacked is designed to extract money from people who believe it may be true. Even people who have never visited a porn site become concerned when they receive the email. It's easy for people who have visited porn sites to see how their fears could be exploited.
The scam works by sending spam emails in the hope of luring enough people to make it worthwhile. The email claims that you downloaded a virus while watching porn and that the virus captured video of you while you were on the site, along with screenshots of the site itself. It then threatens to send the video to everyone in your contacts app if you don’t pay a ransom of several thousand dollars in Bitcoin. As an extra twist, the email addresses are often harvested from data breaches which also exposed users’ passwords. By including the password in the email, the hacker demonstrates that they know something about the recipient. That increases the fear that the hacker has more information, including the images and video they claim to have. It’s a tried and tested social engineering trick and a very nasty one.
What to do if I receive one of these emails?
- Delete it. Don’t click on any links in the email and don’t pay the ransom. The hacker doesn’t have what they claim to have. The email is designed to blackmail porn site visitors. Even if you have visited porn sites, you can safely delete the email.
- If the email contains a password or part of a password that you’ve used online, change your password on every site where you use it. Use a unique password for every account, make sure it’s hard to guess (Safari’s password suggestion tool is a good way to do this), and don’t write it down.
- иTake the opportunity to scan your computer for malware. You can do that using one of the many antivirus tools that allow you to download them and scan your computer for free. Some may then charge you if they find anything, and you need to remove it. Alternatively, if you’re using a Mac, you can use the malware tool in CleanMyMac X. It uses CleanMyMac’s regularly updated malware database and compares what it finds on your Mac with it. If it doesn’t find anything, it will tell you your Mac has a clean bill of health. If it does, you can remove it at the press of one button.
This app can detect macOS-specific keyloggers, backdoor viruses, and worms. Download its free version here. - Forget about it. Once you’ve deleted the email, changed passwords, and scanned your computer, try and forget about it. You won’t hear any more from the hackers.
While it is possible for webcams, like the iSight cam on iMacs and MacBooks, to be hacked and images and video stolen, it’s very unusual. Far more common are hackers who try to exploit the fears of people who are worried about privacy by claiming to have video and photos that they don’t. While taping over your webcam and microphone will prevent anything from being stolen, for most of us, it’s probably not necessary. However, you should make sure that your online accounts have secure, unique passwords and delete any accounts you no longer need or use. And it would be best if you also scan your computer for malware, perhaps using the malware utility in CleanMyMac X.
These might also interest you:
There’s a good reason so many people put tape over their computer webcams or use a dedicated webcam cover to shut them off: Webcams can be hacked, which means hackers can turn them on and record you when they want, usually with a “RAT” or remote administration tool that’s been secretly uploaded.
This type of attack may target anyone. Ransomware attempts generally try to take control of anything that can be used to make cash. As a result, many malware try to infect webcams so hackers can (potentially) get content suitable for extortion. To keep your webcam privacy, it’s important to have good anti-malware software — but you should also know the signs if someone has gained control of your cam. Here’s what to watch for.
The light on your webcam turns on at strange times
This is one of the easiest problems to look for: Your computer webcam should have a tiny indicator light beside it. You can see it turn on when the webcam is activated for something like a video conference.
However, if you notice this indicator light turning on at odd times, especially when you aren’t using it, this is a telltale clue that someone has taken control of your webcam from a distance and uses it to take a look.
If you notice this happening, you should quickly check your active apps, including apps currently active in the background. See if any running apps are turning on your webcam by themselves. In most cases, no app should ever turn on your webcam without your explicit permission, so this is already a good reason to delete any apps you find responsible — or at least make some serious adjustments to their settings and access. But in some cases, it could be an issue with app settings activating the webcam when the app turns on, and it’s important to rule this out when seeing if you’ve been hacked.
Your browser extensions are turning on your webcam
Browser extensions are another potential cause of your webcam turning on without your knowledge. Check to see if it seems your webcam indicator light turns on every time you open your internet browser (Chrome, Firefox, etc.). That’s a clue that you have an extension or add-on on your browser using your cam.
You can disable all your extensions and then enable them again one by one, then restart your browser each time to narrow down which extension may be causing the problem. Is that extension actively trying to hack you? Maybe not — it could just be a poorly designed extension. Either way, you are better off without it. Delete the culprit and look for a different solution.
There are unexpected webcam video files stored on your computer
Let’s say that a hacker does manage to take remote control of your webcam, turns it on, and tries recording with it. What happens then? Well, malware may be very advanced in some ways, but it’s very limited in others, and that means that those recorded videos are still getting saved to your hard drive — even if a hacker is trying to collect them.
This means one of the easiest ways to check if you’ve been hacked is to open up your hard drive folders and check for weird webcam video files that you didn’t save. You would be surprised how many people never notice that these files exist or how easily they can get lost in messy file systems. The video files may have random names or tags, so check out any strange video files and see if it looks like some have been created with malicious intent.
To find them, try searching for a dedicated webcam folder, as most webcams will automatically save videos to their own files when they are being used to record. This is usually in your documents section. Otherwise, check other video folders that your computer has created in this area.
Your security settings have been changed in weird ways
Malware may also change security settings to make it easier to control the webcam and send or receive video files (among other mischiefs). Open your webcam app and check on its security and accessibility settings to see if anything looks out of place or suspiciously disabled. Watch particularly for webcam passwords that have been changed or removed and strange apps that have access to your camera. In Windows 10, you can also disable the ability for apps to access your camera at all, which could be a great choice.
If you have antivirus software, check to see if its webcam protections have been disabled or changed — look for limited-access features that are disabled and webcam notifications (alerts that tell you when the webcam is being used) that have been disabled, as these are typically automatically enabled when the software is activated. Not all antivirus software has webcam features, but they are definitely worth checking up on.
How To Know If Mac Webcam Is Hacked Without
Check your operating system security to see if any firewalls or other security measures have been recently disabled. Keep an eye on these settings over time, so you’ll know if it looks like they’ve been suddenly changed.
Your virus scan reveals suspicious apps
Good antivirus software is skilled at scanning your computer for suspicious files or activity. If you have an antivirus app, run a manual scan, and see if it reports any malware or suspicious activity on your computer. Take a look at the specifics to see if your webcam may have been compromised, and be sure to have your antivirus software remove any suspicious apps or content.
Malware can try to install a RAT on your system to gain access to your webcam; a practice sometimes called “camfecting.” Widespread malware attacks that have used this tactic include Blackshades, Rbot-GR, Mirai, and InvisiMole. If your antivirus software mentions potential infection by anything like this, then you know what may have happened to your cam.
If you don’t have an antivirus app, then you’ll love our guide to the best free options available.
Mac Webcam Help
You get a message from a hacker
Receiving a message from a hacker who tries to extort money from you using webcam videos is a worst-case scenario. They’ll often try to get payment through an obscure bitcoin wallet address or a similar payment method.
These messages almost always contain lies about what a hacker has done or what they have access to. Treat them like any other phishing attempt, since they’re often a vehicle to install ransomware on your computer. Hackers find contact lists on the dark web and use them to send thousands of blind emails in the hopes that even a small percentage of recipients will fall prey to fear and pay money to protect themselves. Don’t fall for this bait if you get one of these emails. Unless they provide hard video evidence, there’s no reason to believe they have control over your webcam.
If you get a message, ignore it and refrain from clicking any files or links, even if the message says it contains evidence of webcam videos. Don’t send money to anyone. Instead, install and run some robust anti-malware software to help check for any problems, and change your passwords to heighten your security. A good password manager can help you automatically generate strong passwords, or you can practice our tips on choosing better passwords if you create your own.