VB2016 video: Getting duped: piggybacking on webcam streams for surreptitious recordings

Posted by   Martijn Grooten on   Feb 10, 2017

If you are going to be at RSA in San Francisco next week, we highly recommend you attend Patrick Wardle's talk on OS X malware in 2016 – not just because it is important for Mac users to know that they too can fall victim to malware, but also because Patrick is an excellent speaker.

We know, because we have been lucky enough to have him speak at several VB conferences, most recently at VB2016 in Denver where Patrick, who is Director of Research at Synack, presented a last-minute paper on the possibilities of Mac malware recording the user via the webcam. Patrick looked at some 'webcam-aware' malware samples, and also discussed a new way for malware to covertly record a user-initiated video session.

He also shared his 'OverSight' tool that can help users detect 'secondary' processes attempting to access an existing OS X video session. Like all of Patrick's detection tools, it is freely available from his Objective See website.

Today, we have uploaded the video of Patrick's VB2016 presentation: 

If you are interested in Mac malware, why not read the Virus Bulletin article Patrick wrote in 2015, in which he warned about the possibility of dylib hijacking on OS X, or read a blog post he wrote on his own site this week on the first in-the-wild example of social-engineering macro malware for OS X.

VB2016-dates-web.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

The spam that is hardest to block is often the most damaging

We see a lot of spam in the VBSpam test lab, and we also see how well such emails are being blocked by email security products. Worryingly, it is often the emails with a malicious attachment or a phishing link that are most likely to be missed.

Throwback Thursday: We're all doomed

Mydoom turns 15 this month, and is still being seen in email attachments. This Throwback Thursday we look back to March 2004, when Gabor Szappanos tracked the rise of W32/Mydoom.

VB2019 call for papers - now open!

Have you analysed a new online threat? Do you know a new way to defend against such threats? Are you tasked with securing systems and fending off attacks? The call for papers for VB2019 is now open and we want to hear from you!

VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis library

Today, we publish a VB2018 paper by Google researcher Maddie Stone in which she looks at one of the most interesting anti-analysis native libraries in the Android ecosystem. We also release the recording of Maddie's presentation.

VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

Today, we publish the VB2018 paper by Chronicle researcher Juan Andres Guerrero-Saade, who argues we should change the way we talk about APT actors.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.