Meet the Peeping Tom worm

As seen on the liberal alternative to Drudge, http://rawstory.com

A worm that has the capability to using webcams to spy on users is circulating across the Net.

Rbot-GR, the latest variant of a prolific worm series, spreads via network shares, exploiting a number of Microsoft security vulnerabilities to drop a backdoor Trojan horse program on vulnerable machines as it propagates. Once a backdoor program is installed on a victim's PC it's game over and an attacker can do whatever takes their fancy. But Rbot-GR comes pre-loaded with functionality specifically designed to control webcam and microphones. Other variants of the worm do not come with this "Peeping Tom" routine, according to AV firm Sophos.

"If your computer is infected and you have a webcam plugged in, then everything you do in front of the computer can be seen, and everything you say can be recorded," said Graham Cluley, senior technology consultant for Sophos. "It would be like having a regular web cam conversation except you wouldn't know you're taking part in it."

http://www.theregister.co.uk/2004/08/23/peeping_tom_worm/

Some of us cannot afford a Mac, and it's pricy proprietary periphs. I can build two PC's with monitors, for the price of a slower Mac, which I can never upgrade.


Edit: Not to mention the lack of software...I like to play computer games.

that runs on a x86 processor and costs way less than MS BS, and is worlds more secure. :-)

the use of microsoft. Linux, all the way


:hippie: The Incorrigible Democrat

Not being able to afford a Mac is no excuse for running a PC with Windoze? WTF?..Should I stop computing altogether....? I was an Apple fanatic back in the old IIe days...kept buying them, until I realized they were screwing me. Apple blew it for me when they kept such a tight reign on the licence for components....we'd all be running Macs if they'd done that back in '88...So I taught myself how to build PC's and got back in the game. I hate Windows as much as the next guy, but I can afford the freakin' hardware.

i agree. the only reason i HAVE a mac, is my parents gave it to me. but "windows" machines can also run linux; hence, you can get cheap(er) hardware, without paying MS.

anyway, i was being facetious as it was

:hippie: The Incorrigible Democrat

"Not being able to afford a Mac is no excuse for running a PC with Windoze?"

Download linux. If you fear you'll "break" your PC, get Qnx or PHLAK (both are linux distros, but the run directly from the CD. Just pop it in your CD drive, making sure beforehand it's set up to boot from a CD; you do that in your BIOS) and play with it until you feel like you're ready to actually install it on your HD.

Let them see what's in my computer.

but you need to be careful; while there aren't many mac viruses out there, you shouldn't get cocky, and get a firewall and virus scanners


:hippie: The Incorrigible Democrat

runs a bsd core and is vulnerable if not properly secured. Breaking UNIX machines is different than Breaking Windows. Major sites running linux, aix, and w2k have all been root compromised. I will not publish hack sites but a google search will reveal plenty of methods to compromise operating systems of all types.

It is like your house, you can put up bars, an alarm, get an dog or a shotgun. However if someone needs in they will get in.

So as not to be accused of bigotry I use both as well as AIX. All have their place.

given that internet connectivity can happen over power lines such as 110-120vac: Why is it safe to assume that modern televisions can't have a microphone on the circuit board, or even a webcam behind the IR lens?

Just don't have a webcam, or a microphone on the sound card. For the die-hard, ditch the sound card entirely.

A firewall/router will do the trick. Take an hour or two to learn how address translation and ports work and you are set.

IP over ac is possible, in a lab. Remember what happened when you turned on a hair dryer and had an old tv on the same circuit?

If you wanted to be uber paranoid and support alcoa with your consumption of tinfoil you could run your machine on an high end APC, machine runs on battery that constantly recharges. current goes from house 120 to 12v back to 120.

I'm fairly certain that with the proper ports blocked, like you suggest, it will be enough.

Just yesterday (!), I ran across this:
http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220040037317%22.PGNR.&OS=DN/20040037317&RS=DN/20040037317

Various groups have been pushing IP over powerlines for some years now.

Here's one from a google:

" Use Existing Utility Assets
The Broadband over Power Lines system from Main.net uses the utility’s existing electric power lines connected to homes and businesses to deliver high-speed data through an ordinary wall socket.

No special wiring is required. Customers plug a modem into any electric outlet and access the Internet.

Main.net’s technology is easy to install, scaleable and reliable.

It works! It’s ready to go."
http://www.hometownconnections.com/utility/broadband.html

Humm, I wonder if BBV machines are "plugged in"?

I've got both a WinXP and a MAC behind a firewall...still get
spy-ware and stuff.

is the only vendor warning of this (with other pages linking to them). If it was such a serious threat, why isn't Symantec, Trend, etc all over it?

:shrug:

I have been burned by Symantec. They have released live updates after virus' have hit the net. The missed welchia and a lovegate variant.

Unix based os' are nice because most of this crap never touches them.

wow! bought a new webcam and i absently thought about what if someone could actually SEE me even when i wasn't using it. i even turned the lens to the ceiling! this was before even reading this story....

*shaking my head*

If more people used MAC there would be more viruses on the MAC. The hackers go to where the people are. We did see a MAC virus a few weeks back. Having said that Micro$oft tries to be every thing to every one and this is where they get into trouble. They should just do ONE thing well and stick to it.

Simply put, the Mac you use today is virus-free.

The very few viruses (less than fifty) that affects the Macintosh eco-system are some ten years old and were written for systems long gone.

There are methods to compromise BSD UNIX. All systems can be hacked. A virus does not exist because no one has written it.

http://www.jayallen.org/journey/2004/05/mac_os_x_highly_critical_security_flaw

http://secunia.com/advisories/11689/


Don't even have to touch your terminal..

recursive delete, all your files go bye bye. Root access to your machine, use your imagination.

This is one there are plenty of non published exploits. You can find them easily enough with a news reader.


Dont fall for the mac hype, it is no better or worse than any other system of logical instructions bundled together and called an OS.
Dont believe the hype. Still a proprietary os that runs on overpriced hardware.

http://secunia.com/product/96/

With only 4-5% it's not worth their time.

This is a variant of old code.

If you've hit windows update and have AV installed you are set.

I love big Brother.


(I like my mac more though)

They do make a nice machine. Cant beat the interface for simplicity, there is no better unix front end in the world. I'm not anti mac, just saying nobody has a perfect os.

More like a punk ass little brother script kiddie..

Apple lost the lawsuit, but Gates went to Apple and effectively stole the idea. If you remember dos, it was awful for non-geeks. But mac developed a user friendly interface and Gates emulated it (Brilliantly, I'll admit). But because Windows has the market Unix and Mac users don't have as much concern with viruses. On top of that Aple has Style!

It's called Sub Seven.

BROCocky is correct. Trojans have had this capability for some years, dating back to the classic Subseven.

By the way, ditching Windows is neither a total solution nor a very good one. There are a lot more Windows attacks because it is the dominant OS, but ANY system can be compromised if it isn't protected. Get a good firewall, and an anti-virus program, and you are pretty safe. I recommend AtGuard as a firewall, eTrust InoculateIT as an anti-virus. AtGuard can be found online for free (abandonware), and eTrust is cheap.

By the way, no worries about IP over AC power lines. You need special hardware to connect that way.