MacBook webcam light can be disabled to spy without notice, researchers find

Share this article:

Researchers have found that, contrary to popular belief, online snoops with enough technical savvy can disable the indicator light on Apple webcams to spy on people without notice.

In a report, aptly called “iSeeYou: Disabling the MacBook Webcam Indicator LED,” two Johns Hopkins University researchers, Matthew Brocker and Stephen Checkoway, describe how the hack works in older MacBook laptops and iMac desktops.

The 13-page report was published last Wednesday, and first reported on by The Washington Post a week later.

The duo built an OS X application, dubbed “iSeeYou,” which demonstrates how they were able to capture video with the LED [light-emitting diode] disabled. The hack allowed them to bypass the hardware interlock used by first-generation internal iSight webcams installed on older MacBook laptops and iMac desktops released prior to 2008 (including the iMac G5 and early Intel-based iMacs, MacBooks and MacBook Pros).

“Coupled with the hardware design flaw that allows the indicator LED hardware interlocks to be bypassed, malware is able to covertly capture video, either for spying purposes or as part of a broader scheme to break facial recognition authentication,” the report said.

The report also made mention of the fact that, while some webcams, like Logitech QuickCam Pro 9000, allow LED control, where the warning light can be disabled, that “such controls are not the norm and, in fact, are a very bad idea from both a security and privacy standpoint.”

Brocker and Checkoway disclosed the LED-disabling vulnerability to Apple's product security team on July 16. While Apple employees “followed up several times,” the researchers said that Apple did not let them know of any mitigation plans.

The duo also plans to test their research on newer Apple webcams, including the company's FaceTime cameras, and on webcams installed in other popular laptops, the report said.

The ability to remotely activate users' webcams, without their LED coming on, can be seen as even more concerning, given the prevalence of “sextortion” scams being carried out by ill-intentioned individuals with technical prowess.

Last month, 19-year-old Jared James Abrahams pleaded guilty to hacking young girls' webcams in an extortion campaign, which victimized Miss Teen USA, Cassidy Wolf.

The pageant winner was a high school classmate of Abrahams, who now faces the possibility of prison time of 27 to 33 months for extortion and computer crimes.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.