Dangerous errors in video call software allow bad guys to easily turn on the MacBook webcam without your knowledge

Tram Ho

Security researcher Jonathan Leitschuh shared the above issues in a blog post. Accordingly, a bug in Zoom software allows malicious websites to activate the camera on the MacBook without user permission. The feature design flaw helps users to quickly join video calls, giving the hacker an opportunity to easily take control of the camera.

Lỗi nguy hiểm trong phần mềm video call cho phép kẻ xấu dễ dàng bật webcam MacBook mà bạn không hề hay biết - Ảnh 1.

Currently the problem only affects Apple MacBooks because the software Zoom installs the web server on the Mac during the first installation. According to the software release company, this way of making convenience.

Leitschuh warned: “This vulnerability allows any website to require users to use the call via Zoom and webcam applications to be activated without user permission.”

Leitschuh gave evidence of the concept of communicating with web servers. What the attackers need to do is to embed a malicious code into the website and send it to the victim. Basically, if the user doesn’t know how to configure the Zoom application to turn off the meeting in the first video call, the attacker can easily track the user’s video feed.

Lỗi nguy hiểm trong phần mềm video call cho phép kẻ xấu dễ dàng bật webcam MacBook mà bạn không hề hay biết - Ảnh 2.

There is currently a quick fix. To disable Zoom’s webcam function, users can activate it in software settings. Usually the application is in the default state and the person who opens the chat has the option to turn on the camera of the call recipient when starting the conversation.

Talking about Leitschuh’s latest findings, the publisher Zoom said, the problem is only a negligible risk because users can change camera settings as soon as the app is installed. .

In the upcoming update, Zoom said it will give a note about the option to turn on / off the camera right in the first conversation. The company also confirmed that it will open a program to find reward redemption on Zoom application. Also in the Zoom statement, there have been no cases of recording applications exploited by hackers.

On Twitter, many cyber security experts quickly alerted users about checking early and identifying security holes in the Zoom application on a Mac.

Refer to Newsweek

Share the news now

Source : Genk