As webcams grow increasingly prevalent, hackers are finding ways to peep into user’s homes via their computers.

If you use a webcam for online chatting, your computer may be at risk from a new strain of computer malware that gives hackers control of your webcam, enabling them to turn it on, capture video and send it back across the Internet. Aside from the possibility of having private pictures or video spread around the Internet, the images could also be used as a means of blackmail or to threaten an individual’s family.

Today, software can be purchased for just US$30 that allows users to access their webcams from anywhere. The software is a blessing for busy parents who want to check up on their children or the babysitter from work, but the beneficiaries of this technology are not only working parents – Internet worms are also finding ways to use webcams.

Trend Micro warns that the WORM_RBOT.ASH worm, first discovered in March 2005, sneaks into systems via a backdoor program, turns on and captures images from any connected webcam, and then sends the images back to the hacker through the Internet. Potential threats range from burglary (as hackers can easily find out when a family is away), to extortion (as the hacker will know who is sleeping with whom in front of the camera).  

Mark Sinclair, Trend Micro technical services manager says, “Malwares that allow hackers to peep through webcams are stealthy programs not easily detected by the average user. Although some webcams may show signals when turned on – such as a sound or a light – many models do not. Besides, some malwares disable the sound card so that no sound will be heard when the camera is turned on. Even more troubling, many of today’s notebooks have internal webcams that can be started any time without the user’s knowledge. If a notebook with an internal webcam is infected with one of these malwares, someone may be spying on you the next time you turn on your computer.”

In addition to malwares that take control of webcams, TrendLabs has also recently detected malwares that take screen shots of whatever programs are running on a computer. Malwares such as BKDR_CIADOOR.S, which was discovered at the beginning of this year, pose threats to online banking users, online gamers, job seekers, and anyone reading private email because they can take screen shots of any programs running on the screen and relay that information to a hacker, who may then use the information for malicious purposes. In the digital age, the person who knows the most about you may not be the one lying on the pillow next to you – it could be a hacker. 

Another worrying trend is that many of these spy malwares also include multiple destructive capabilities. BKDR_CIADOOR.S is a multi-threat backdoor virus that can take screen shots, includes a key-logger and steals CD serial keys, MSN address book entries and temporary passwords. A hacker with this information could use your MSN password to login as you, effectively impersonate you and, using the key-logger function, even emulate your writing style by tracking the way you write.

Mark Sinclair reminds computer users, “These programs make their way into a computer system via faults in applications or the operating system as well as devious forms of trickery.  Installing and updating antivirus software which monitors communications and prevents unauthorised programs from being run remains the best form of protection against malwares.  If users remain uneasy about this threat, unplugging any microphones and webcams or turning the computer off when not in use provides extra reassurance.”