Here's How Mac Malware Works:

How to Prevent Your WebCam and Mic from Being Hacked

Apple Mac Computers are considered to be much safer than Windows at keeping viruses and malware out of its environment, but that's simply not true anymore.It's not because Mac OS X is getting worse every day, but because hackers are getting smart and sophisticated these days.The bad news for Mac users is that malware targeting webcams and microphones has now come up for Mac laptops as well.Patrick Wardle, an ex-NSA staffer who heads up research at security intelligence firm Synack, discovered a way for Mac malware to tap into your live feeds from Mac's built-in webcam and microphone to locally record you even without detection.Wardle is the same researcher who has discovered a number of security weaknesses in Apple products, including ways to bypass the Gatekeeper protections in OS X.Wardle also released a free tool called RansomWhere? earlier this year that has generic detection capabilities for Mac OS X ransomware variants.Wardle is scheduled to present his new findings at the Virus Bulletin conference in Denver later today, along with his research demonstrating how malware could easily piggyback on your legitimate webcam sessions to keep its spying activity hidden.Yes, piggybacking legitimate webcam sessions initiated by you.Since Mac's firmware-level protection lights the green LED for any unauthorized access to user's webcam, Wardle believes that attackers can use a malicious app that quietly monitors the system for any outgoing feed of an existing webcam session – like a Skype or FaceTime call – where the light indicator would already be ON.The malware then piggybacks the victim's webcam or microphone to secretly record both audio and video session, without any visible indication of this malicious activity and any fear of detection.In his paper presentation, titled 'Getting Duped: Piggybacking on Webcam Streams for Surreptitious Recordings,' Wardle outlines the threat along with countermeasures to detect "secondary" processes that try to access an existing video session on OS X.Wardle has developed and released a free tool, dubbed OverSight, which not only monitors webcam and microphone activities but also alerts you when a secondary process accesses your webcam, asking whether you want to allow or block access.Oversight is a free download from Wardle's website.Moreover, physically covering your webcam – like what Facebook CEO Mark Zuckerberg and FBI Director James Comey do – also offers a low-tech approach to keeping snoopers away.