Is It Easy to Hack a Webcam
A Hacker Shows How Easy It Is to Hack Someone's Webcam and Secretly Take Photos of Them
If you're not putting a piece of black tape over your computer's camera after reading this then you're just plain stupid.
For the love of God, people – put a piece of tape over your computer's camera.
In recent episode of REAL FUTURE by Fusion, journalist Kevin Roose proves that hacking isn't just a trick you see in the movies. During a segment on hacking, Roose asked Dan Tentler, a well-known security expert, to hack as much information from Roose as possible in the 48 hours leading up to the interview.
Journalist Kevin Roose and his new daddy, Dan Tentler.
Within two days, Tentler was able to get access to the following things on Roose:
- Bank login username and password
- Email and password
- Stock trading login
- Credit card number and login information
- Social security number
- And creepiest of all, photos of Roose and his screen that were taken every two minutes for 48 hours using the laptop camera
The screenshots and photos taken of Roose.
When describing his power over Roose, Tentler said, "I could have made you homeless and penniless. I have control of your digital life in its entirety… I am you. The only thing I couldn't doctor is your fingerprints."
So how did Tentler gain access to all this? Within a few hours of the two-day challenge, Tentler realized that Roose had a Squarespace blog. Tentler then set up a bogus Squarespace account and emailed Roose a message that looked like it came directly from the admins at Squarespace. The email said that because of a recent security threat (ha) Roose needed to update his SSL security by installing a certificate. That "certificate installer" gave Tentler access to Roose's computer.
From there, Tentler created fake popups that asked Roose for specific credentials. One of those credentials was Roose's 1Password login, which is where he stored virtually every login and password he uses online.
"You didn't even have to have my passwords," Roose said, shocked after Tentler revealed what he had done. "No no, you gave them to me," Tentler replied.
Earlier in the episode, social-engineer hacker Jessica Clark posed as Roose's distraught and scattered wife and called Roose's phone company. Using a YouTube video of a crying baby, Clark convinced the customer service rep that she is Roose's wife and needs access to Roose's account but has forgotten the password.
"I'm so sorry, can you hear me OK? My baby, I'm sorry. My husband is like, we're about to apply for a loan and we just had a baby, and he's like, 'Get this done today!'," Clark said, setting the scene that she's an overwhelmed new mom who really needs help. "I'm trying to log in to our account for usage information and I can't remember what email address we used."
It only took 30 minutes before Clark gets access to Roose's account, changes the password, and has him locked out of his own cell phone account.
Here's the entire 10-minute episode. It's wild.
Get the 5-minute roundup you'll actually read in your inbox
Business and tech news in 5 minutes or less
Instagram's rough week, explained
By Jacob Cohen / July 29, 2022
Someone recently told me they stopped using Instagram and, instead, scroll through Airbnb for fun. Others are doing that, too. Not the Airbnb thing, but the …
Read More
AC sales are heating up in Europe
By Juliet Bennett Rylah / July 29, 2022
About 91% of US homes have air conditioning. But in Europe, it's far less common. Why? The climate: It's neither as hot nor as humid in many parts of Europe as it is in many …
Read More
Where does all our time go?
By Rob Litterst / July 28, 2022
If you're between 35 and 44 and feel like you have no time to yourself — it's 'cause you don't. A recent study from the US Bureau of Labor Statistics found this age …
Read More
The four principles that govern finance
By Morgan Housel, The Collaborative Fund / July 28, 2022
In his book Succeeding, John Reed wrote one of the smartest things I've ever read: When you first start to study a field, it seems like you have to memorize a zillion things. …
Read More
The NASA fashion supernova
By Juliet Bennett Rylah / July 27, 2022
People who aren't astronauts love wearing NASA stuff. You'll find it at H&M and Urban Outfitters, and on celebs like Dua Lipa, Chris Evans, and Ariana Grande (who has a …
Read More
[email-submission-form button-text="Join Free" include-trends-opt-in="true" success-url="https://thehustle.co/new-thank-you-v2/" default-source="thehustleco" default-medium="home-exit-popup" default-campaign="home-page" form-id="exit-popup-general" optinmonster-conversion="true"]
<script type="text/javascript"> var onloadCallback = function() { grecaptcha.render('verify-your-humanity', { 'sitekey' : '6LdddrcZAAAAALyttpvOqiwQGwq5BNhgDz4tMQGE' }); }; function getCookieValue(a) { var b = document.cookie.match('(^|[^;]+)\\s*' + a + '\\s*=\\s*([^;]+)'); return b ? atob(decodeURIComponent(b.pop())) : ''; } function getCookie(name) { var cookieArr = document.cookie.split(";"); for(var i = 0; i < cookieArr.length; i++) { var cookiePair = cookieArr[i].split("="); if(name == cookiePair[0].trim()) { return decodeURIComponent(cookiePair[1]); } } return null; } function setHiddenFieldValue(wrappingDiv, searchParams, className, utmName, cookieName, defaultValue) { var el = wrappingDiv.getElementsByClassName(className)[0]; var existingVal = el.getAttribute('value'); if (utmName == 'ref') { var newVal = searchParams.get(utmName) || getCookie(cookieName); } else { var newVal = searchParams.get(utmName) || getCookieValue(cookieName); } if ((existingVal == null || existingVal == '' || existingVal == defaultValue) && (newVal != null && newVal != '')) { el.setAttribute('value', newVal); } } function setHiddenFieldValueFromUtm( wrappingDiv, searchParams, className, utmName, defaultValue ) { var el = wrappingDiv.getElementsByClassName(className)[0]; if (el != null) { var existingVal = el.getAttribute("value"); var newVal = searchParams.get(utmName); if (newVal != null && newVal != "") { el.setAttribute("value", newVal); } } } function initForm() { var wrappingDivs = document.getElementsByClassName('email-submission'); Array.prototype.forEach.call(wrappingDivs,wrappingDiv => { var sp = new URLSearchParams(window.location.search); setHiddenFieldValue(wrappingDiv, sp, 'funnel-source', 'utm_source', 'funnel_source', 'thehustleco'); setHiddenFieldValue(wrappingDiv, sp, 'funnel-campaign', 'utm_campaign', 'funnel_campaign', 'home-page'); setHiddenFieldValue(wrappingDiv, sp, 'funnel-medium', 'utm_medium', 'funnel_medium', 'home-exit-popup'); setHiddenFieldValue(wrappingDiv, sp, 'funnel-referral', 'ref', 'funnel_referral', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-a', 'a', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-c', 'c', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-o', 'o', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-oc', 'oc', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-e', 'e', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-f', 'f', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-r', 'r', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-t', 't', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s1', 's1', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s2', 's2', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s3', 's3', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s4', 's4', ''); setHiddenFieldValueFromUtm(wrappingDiv, sp, 'funnel-s5', 's5', ''); var error_message = getCookieValue('validate-email-message'); if (error_message && error_message.trim() != '') { var error = wrappingDiv.getElementsByClassName('funnel-error')[0]; var prev_email = getCookieValue('funnel_email'); error_message = prev_email + " is not valid. Please try again"; error.innerHTML = error_message; error.style = ''; } }); if (false) { initCaptchaFormV2(); } } function initCaptchaFormV2() { var v3RecaptchaResponseEl = document.getElementById('recaptcha-response-v3'); v3RecaptchaResponseEl.parentNode.removeChild(v3RecaptchaResponseEl); var wrappingDiv = document.getElementById('email-submission'); var subForm = wrappingDiv.getElementsByClassName('email-submission')[0]; var captchaVersion = document.createElement('input'); captchaVersion.class = 'g-recaptcha hidden-input'; captchaVersion.type = 'hidden'; captchaVersion.name = 'g-recaptcha-response-v2'; captchaVersion.value = 'true'; subForm.appendChild(captchaVersion); var captchaEl = document.createElement('div'); captchaEl.id = 'verify-your-humanity'; subForm.prepend(captchaEl); var captchaApiScriptEl = document.createElement('script'); captchaApiScriptEl.src = 'https://www.recaptcha.net/recaptcha/api.js?onload=onloadCallback&render=explicit'; captchaApiScriptEl.async = true; captchaApiScriptEl.defer = true; document.head.appendChild(captchaApiScriptEl); } function appendCheckboxes_email_submission() { var wrappingDiv = document.getElementById('email-submission'); var optInDivs = wrappingDiv.querySelectorAll('.trends-opt-in'); optInDivs.forEach(el => { el.style.display = null; if (el.getElementsByClassName('trends-opt-in-checkbox').length < 1) { var checkbox = document.createElement('input'); checkbox.setAttribute('id', 'trends_opt_in_email_submission'); checkbox.setAttribute('class', 'trends-opt-in-checkbox'); checkbox.setAttribute('type', 'checkbox'); checkbox.setAttribute('name', 'trends_opt_in'); var label = document.createElement('label'); label.setAttribute('for', 'trends_opt_in_email_submission'); label.setAttribute('class', 'trends-opt-in-text'); label.textContent = "Yes, I'd like to receive additional emails on hot business opportunities from Trends, by the Hustle"; el.appendChild(checkbox); el.appendChild(label); checkbox.click(); } }) } window.addEventListener('DOMContentLoaded', (event) => { initForm(); if (true) { appendCheckboxes_email_submission(); } }); if(typeof hp_interval == 'undefined') { var hp_interval = 0; var hp_ts = 0; var hp_try = 0; jQuery(document).ready(function ($) { hp_interval = setInterval(function(){ $('input.hp_ts').val(hp_ts); hp_ts += 1; if(hp_ts >= 30) { clearInterval(hp_interval); } },1000); $('.email-submission:not(.prevent-default)').submit(function (e) { var form = $(this); if(hp_ts < 3 && hp_try < 1) { e.preventDefault(); if (form.find('.email-form-submit-message').length < 1) { form.find('.email-form-wrap').after('<p class="email-form-submit-message" style="padding: 0em 1.5em;">Too fast! Are you a human? Try again please.</p>'); } hp_try += 1; hp_ts = 0; $('input.hp_try').val(hp_try); } }); }); } </script> <div class="email-signup" id=email-submission> <div class="funnel-error" style="display:none;"></div> <form class="email-submission " id="exit-popup-general" action="https://cms.thehustle.co/api/v1/contacts/wordpress_create" method="post" autocomplete="email"> <div class="email-form-wrap"> <input class="funnel-source hidden-input" type="hidden" name="source" value="thehustleco"> <input class="funnel-campaign hidden-input" type="hidden" name="campaign" value="home-page"> <input class="funnel-medium hidden-input" type="hidden" name="medium" value="home-exit-popup"> <input class="funnel-form-id hidden-input" type="hidden" name="form-id" value="exit-popup-general"> <input class="funnel-referral hidden-input" type="hidden" name="referral_code"> <input class="funnel-fail-url hidden-input" type="hidden" name="fail_url" value=""> <input class="funnel-a hidden-input" type="hidden" name="a" value=""> <input class="funnel-c hidden-input" type="hidden" name="c" value=""> <input class="funnel-o hidden-input" type="hidden" name="o" value=""> <input class="funnel-oc hidden-input" type="hidden" name="oc" value=""> <input class="funnel-e hidden-input" type="hidden" name="e" value=""> <input class="funnel-f hidden-input" type="hidden" name="f" value=""> <input class="funnel-r hidden-input" type="hidden" name="r" value=""> <input class="funnel-t hidden-input" type="hidden" name="t" value=""> <input class="funnel-s1 hidden-input" type="hidden" name="s1" value=""> <input class="funnel-s2 hidden-input" type="hidden" name="s2" value=""> <input class="funnel-s3 hidden-input" type="hidden" name="s3" value=""> <input class="funnel-s4 hidden-input" type="hidden" name="s4" value=""> <input class="funnel-s5 hidden-input" type="hidden" name="s5" value=""> <input class="funnel-success-url hidden-input" type="hidden" name="success_url" value="https://thehustle.co/new-thank-you-v2/"> <input id="recaptcha-response-v3" class="g-recaptcha hidden-input" type="hidden" name="g-recaptcha-response" value=""> <div class="signup-icon" style="display:none;"> <svg width="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M22 6c0-1.1-.9-2-2-2H4c-1.1 0-2 .9-2 2v12c0 1.1.9 2 2 2h16c1.1 0 2-.9 2-2V6Zm-2 0-8 5-8-5h16Zm0 12H4V8l8 5 8-5v10Z" fill="#848B92"></path></svg> </div> <input type="hidden" name="hp_ts" class="hp_ts" value="0"> <input type="hidden" name="hp_try" class="hp_try" value="0"> <input type="text" name="first_name" placeholder="Enter your name" value=""> <input class="signup-email" type="email" name="email" placeholder="Your email address" required autocomplete="email"> <input class="email-submit om-trigger-conversion" type="submit" value="Join Free"> </div> <div class="validate-mistake-emails-message" style="display:none;"></div> <div class="trends-opt-in" style="display:none;"></div> <div submit-success> <template type="amp-mustache"> <p class="c-message c-message--success">Thank you for subscribing.</p> </template> </div> <div submit-error> <template type="amp-mustache"> <p class="c-message c-message--failed">Your submission failed. Please try again!</p> </template> </div> </form> </div>
Source: https://thehustle.co/hacker-shows-easy-hack-someones-webcam-secretly-take-photos/
0 Response to "Is It Easy to Hack a Webcam"
Post a Comment