Cover up your webcam – someone could be watching you

by
Play

When you are using your computer, and your webcam is always right there in front of you, do you ever wonder if it’s possible that someone, somewhere out there on the internet is looking at you?  A lot of people in the past would have said that’s being paranoid.  Unfortunately, it’s not a crazy fear – it’s something that is already happening.

JRAT

“Can someone watch me through my webcam?”

The acronym “JRAT” stands for Java Remote Administration Tool.  It’s a type of software that is being used by a group of people who see this most commonly as a hobby.  It’s pretty creepy though, and could cause you a lot of headaches.

Java Remote Administration Tool

Here’s what happens:

1. This little piece of software gets onto your computer (how it gets there, we’ll talk about in a minute).

2. The person that put the program on your computer gets notified that you are his latest target (the common term for this is “slave”).

3. Your computer is now controlled by the person that RATted you.  What they will usually do is turn on your webcam to watch you.  But they do like to have fun and freak people out, so they might make your CD/DVD drive drawer open and close.  Or, they can use your computer’s Text-to-Speech function and have your speakers announce “I am watching you” or something similar.



The things they do just to get a reaction are bad enough.  Worse than that, some of the RAT programs have a built-in “keylogger” function.  That means that whatever you type on the keyboard, it is recorded to a text file and made available to the person controlling your computer.  Emails, Word documents, credit card numbers, whatever you type.

And that is just what happens when you are actually using your computer.  What about when your computer is on, but you are in the other room or not even at home?   This person can browse whatever is on your computer:

  • pictures
  • emails
  • documents
  • videos

Maybe it wasn’t such a good idea to make that document called “Passwords.doc” and store it in your Documents folder, huh?

“How did the RAT get on my computer?”

Good question!  There are a few different ways, but I’ll describe a couple of the most common methods.  The people that create these RAT programs are constantly looking for new ways to get them embedded on as many computers as possible.  This process is known as “spreading” – and there are instructional e-books for sale that explain how to do it:

jrat3

Method #1:  YouTube
This is probably the easiest method.  You just upload a video to YouTube, and in the description you put a link to the infected file (which is stored in a publicly-available Dropbox folder, or some other site with easy access).  Then you just sit back and wait for people to watch the video, and hope that some of them click on the link.  It helps if the video is wildly popular and gets hundreds or thousands of views.  You don’t have a viral video?  Just go find one on YouTube, download it to your computer, then upload it as if it were your own (many would call this stealing).  Even though you are just duplicating a video that is already on YouTube, you will get some of that search traffic.  Some YouTube videos get millions of views – so even if yours gets a small percentage, that’s a lot.  When someone clicks on the infected link, they are now your “slave”.

Method #2:  BitTorrent
BitTorrent websites are where people go to share files.  They are also known as “peer-to-peer (P2P)” file sharing sites.  Basically, you put all of your music files, or picture files, or program installation files, in a specific folder.  Then you go to the BitTorrent website and share the contents of that folder with anyone who wants grab one or more of your files.  For example, let’s say you have a music file called “AsLongAsYouLoveMe.mp3″ (this is one of Justin Bieber’s hit songs).  While you may not personally like this song, there are millions of kids that love it.  And lots of them go online to download it for free from a BitTorrent site.  And all those millions of users are sharing their own collection.  The key fact to remember here is that you can name a file anything you like.  So all you do is give your RAT file the name of a popular song, and go share it.  Or create hundreds of them, each one with a different name.  Anyone who downloads that file, thinking they are getting a popular song, is instead getting infected.

Here are some of the most popular BitTorrent sites:

  • Torlock
  • TorrentHound
  • SeedPeer
  • H33T
  • BitSnoop
  • Isohunt
  • 1337X org
  • TorrentDownloads
  • VCDQ
  • Vertor
  • KAT.ph
  • Torrent Funk
  • TAKE FM
  • Monova
  • LimeTorrents
  • FullDLS
  • ThePirateBay
  • TorrentCrazy
  • Torrents to
  • Thunderbytes
  • Fenopy
  • TorrentZap
  • Nowtorrents
  • ExtraTorrent
  • Torrentz
  • TorrentCafe
  • BTScene
  • Toorgle
  • YourBitTorrent

(That list is certainly not complete – there are lots of them.)

“How can I make sure my computer doesn’t get a RAT infection?”

1. Don’t click on a link if you don’t know where it goes.  This applies to not only links in the description of YouTube videos, but also links in an email, in a Craigslist ad, wherever a clickable link can appear.

2. Avoid BitTorrent sites.  They are just bad news.  Ask your kids if they ever visit BitTorrent sites.  Look in their  Bookmarks or Favorites list and see if any are listed there.  If you find any, it is possible that computer is already infected.  Some parents don’t even want their kids’ pictures appearing on Facebook or other legitimate sites – how would you feel about some stranger watching your child through the webcam on the laptop?

3. Protect your computer(s).  One of the best defenses against a RAT infection is the paid version of Malwarebytes (click here to get it).  In most cases, this will prevent the file from getting into the computer.  If the computer is already infected, a full scan will most likely find it and get rid of it.

Here’s a report about webcam hacking recently released by Yahoo:

Even if you are fully protected and your computer is not infected with the Java Remote Administration Tool, there is one thing you can do that might make you feel a little safer.  Put a sticky note on your webcam.

sticky note on webcam

listen to my podcast in iTunes

Share this post

3 comments Add your comment »

Get updates when new comments are added. Subscribe to the comments RSS Feed

Mike Jenkins
March 18th, 2013

I have a good friend who is a consultant for many big companies. He usually is hired to catch employees doing things they shouldn’t. He turns on the cameras on their computer as well as other things such as key loggers. He also does this with you cell phone. He can turn on the camera and speaker even when it’s not in use.

Edgar Webb
March 19th, 2013

Never been a big fan of the webcam. When I got my first laptop a while back I tried to use mine to put up my picture for my logon. It took such an ugly picture of me (I’m not that handsome a guy anyway.) and I had heard of such a form of hacking, that between the miserable job it did in representing me, and the paranoia that it’s presence represented, I taped it over. Problem solved.

Edgar

Scott Johnson
March 19th, 2013

Thanks Edgar. It’s true, not everyone needs a webcam. But I don’t want you to have a false sense of security. Covering it up does prevent a hacker from viewing you, but if someone uses the RAT hack to take over your computer, it’s not just the webcam they are controlling. So the other security measures are just as important (maybe even more important).