The Hacker News Logo
Subscribe to Newsletter

Google Chrome Inbuilt Flash player allows Webcam Hacking


No longer limited to Hollywood movies about cybercrime, webcam hacking has stealthily and aggressively broken into average households 

"I've heard a hacker could access my webcam and watch me in front of my computer. Could this really happen?" YES, other than using a Remote administration tools, it is also technically possible using new Flash based flaw in Google Chrome.

According to a recent report by security researchers, there’s a big problem in Google Chrome’s integrated Flash player. The proof-of-concept posted by Egor Homakov. When the play button is pressed, the user is actually allowing for his/her webcam to grab video and audio from a compromised computer without getting the user's permission.

"This works precisely like regular clickjacking - you click on a transparent flash object, it allows access to Camera/Audio channel. Voila, attacker sees and hears you," Homakov warned. 

These kinds of virtual hacks have been taking place for years. An invisible Flash element is present on the page, the victim (using Chrome) clicks on it, and that’s it.

Adobe security team spokeswoman confirmed there was an issue but said it was limited to Flash Player for Google Chrome.

Google recently imposed a seven day deadline for vendors to respond to security bug reports. Homakov's discovery represents the first chance to see whether Google itself can stick to such tight deadlines.

The rapid growth of laptop computers with built-in web cameras substantially increases the risk of webcam hacking, privacy invasion, and other types of cybercrime (e.g., bullying, hate crimes, stalking, etc.).

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.