Author |
Message |
Ritzter13
|
Posted: Sat Sep 29, 2012 11:54 pm |
|
|
welcoming committee |
|
Joined: Wed Apr 18, 2012 1:13 pm Posts: 466 Location: Grand Blanc, Michigan
|
I'm not sure what category to post this under. Here is the story. A friend of mine was using Yahoo chat last weekend. During the chat another window open from an unknown third party requesting a conversation. After a few minutes my friends laptop was hacked and his webcam was activated. After which he he was threatened with extortion/blackmail for money or a rather nasty video of him would be posted on Facebook. He posted new status warning his friends he'd been hacked. Sure enough a few days later a video appeared as a comment in that thread. He's now going through the painful process of trying to clean up this mess. He has contacted Facebook, Yahoo, his employer and the police. His laptop has Win 7 Home Premium and he has a personal subscription with Nortons AV. What else can be done?
I have seen this happen only in TV shows (NCIS or Person of Interest) and movies. Doesn't your firewall, router, antivirus and real time protection stop this from happening? What other safety protocols should he establish? Does anyone here know of any similar victims? Should I be concerned from being a contact of his? Any advice about this would be GREATLY APPRECIATED. Thanks so much.
_________________ Terry
It just goes to show you, it's always something. If it's not one thing it's another! _Rosanne Rosannadanna
|
|
|
|
|
jaylach
|
Posted: Sun Sep 30, 2012 12:26 am |
|
|
Resident Geekazoid Administrator |
|
Joined: Wed Mar 21, 2012 5:09 am Posts: 9484 Location: The state of confusion; I just use Wyoming for mail.
|
At some point they probably allowed third party access to the web cam such as in allowing access in the settings for Flash.
Is the released video legit or doctored to be made 'nasty'? If legit I don't have a whole lot of sympathy.
As to what can be done the first thing would be to get rid of Norton and get Windows Security Essentials or Avast along with MBAM.
|
|
|
|
|
Ritzter13
|
Posted: Sun Sep 30, 2012 7:40 am |
|
|
welcoming committee |
|
Joined: Wed Apr 18, 2012 1:13 pm Posts: 466 Location: Grand Blanc, Michigan
|
Hi Jay. I personally didn't watch the video. It was confirmed through a mutual friend that it was a doctored/edited video. I don't believe he knowingly allowed the access in the Flash settings but can't say for certain. Is anyone that uses web cams susceptible to this depending on their personal security software choices? Have you heard of this happening before this incident other than reading that it could possibly happen? This is a first for me hitting so close to home.
_________________ Terry
It just goes to show you, it's always something. If it's not one thing it's another! _Rosanne Rosannadanna
|
|
|
|
|
jaylach
|
Posted: Sun Sep 30, 2012 7:51 am |
|
|
Resident Geekazoid Administrator |
|
Joined: Wed Mar 21, 2012 5:09 am Posts: 9484 Location: The state of confusion; I just use Wyoming for mail.
|
I have never known anyone that has had a web-cam accessed. That is why I figure that somewhere along the line they allowed.
|
|
|
|
|
sboots
|
Posted: Sun Sep 30, 2012 10:19 am |
|
|
Site Admin |
|
Joined: Tue Apr 10, 2012 9:48 pm Posts: 2959 Location: New Jersey
|
My suspicion is that this was a case of social engineering being engineered via the Yahoo chat client to people such as your friend who do not secure their settings to only accept invitations from known/trusted contacts. I have also never known anyone's web cam to be activated remotely without permission, either, but it is possible. If the machine was hacked, anything is possible. Next steps? I'd be contacting Norton, though I suspect that they will be of no help. I'd be running all kinds of scans to confirm that the machine was free of malware. I'd be locking down all overlooked privacy and security settings. And the next step for you would be to advise your friend that the bad guys are always looking to trick users into allowing them access -- much like the vampire needing to be invited inside; your friend accepted the invitation which opened the door. No amount of security is going to prevent an attack if the use just blindly hands over the keys.
-steve
_________________ stephen boots Microsoft MVP 2004 - 2020 "Life's always an adventure with computers!"
|
|
|
|
|
MacDuffie
|
Posted: Sun Sep 30, 2012 11:47 am |
|
|
Fearless Leader |
|
Joined: Wed Mar 21, 2012 5:42 am Posts: 2819
|
And to have true peace of mind, reformat.
_________________ Patty MacDuffie Computer Haven Administrator
Live Long and Prosper Mr. Spock
|
|
|
|
|
Manny Carvalho
|
Posted: Sun Sep 30, 2012 2:06 pm |
|
|
welcoming committee |
|
Joined: Thu Mar 22, 2012 1:35 am Posts: 715
|
jaylach wrote: ... Is the released video legit or doctored to be made 'nasty'? If legit I don't have a whole lot of sympathy.
Man, you're a tough guy. It's never good when people get threatened with bribery regardless of what mistakes they made.
_________________ Best regards, Manny Carvalho MS-MVP since 2002
|
|
|
|
|
jaylach
|
Posted: Sun Sep 30, 2012 6:18 pm |
|
|
Resident Geekazoid Administrator |
|
Joined: Wed Mar 21, 2012 5:09 am Posts: 9484 Location: The state of confusion; I just use Wyoming for mail.
|
Not that tough, by a legit video I meant that the video was actually of something to be ashamed of, not a video that was doctored to make it appear as such.
|
|
|
|
|
Ritzter13
|
Posted: Sun Sep 30, 2012 7:36 pm |
|
|
welcoming committee |
|
Joined: Wed Apr 18, 2012 1:13 pm Posts: 466 Location: Grand Blanc, Michigan
|
jaylach wrote: At some point they probably allowed third party access to the web cam such as in allowing access in the settings for Flash. What settings are you referring to? Where do you find them so I can check mine?
_________________ Terry
It just goes to show you, it's always something. If it's not one thing it's another! _Rosanne Rosannadanna
|
|
|
|
|
jaylach
|
Posted: Sun Sep 30, 2012 9:09 pm |
|
|
Resident Geekazoid Administrator |
|
Joined: Wed Mar 21, 2012 5:09 am Posts: 9484 Location: The state of confusion; I just use Wyoming for mail.
|
If you right click on a Flash page you will see the availability for Global a site specific settings. It is through these that you will find whether to allow or not microphone and web cam access. In these settings you will also find such things as how much memory to allow for usage.
|
|
|
|
|
Ritzter13
|
Posted: Sun Sep 30, 2012 10:00 pm |
|
|
welcoming committee |
|
Joined: Wed Apr 18, 2012 1:13 pm Posts: 466 Location: Grand Blanc, Michigan
|
I have seen that but never altered anything in that window. If you make a change do the changes stay until changed again or are they session and video specific? I mean do you have to alter the settings every time you open a video from a browser?
_________________ Terry
It just goes to show you, it's always something. If it's not one thing it's another! _Rosanne Rosannadanna
|
|
|
|
|
jaylach
|
Posted: Sun Sep 30, 2012 10:27 pm |
|
|
Resident Geekazoid Administrator |
|
Joined: Wed Mar 21, 2012 5:09 am Posts: 9484 Location: The state of confusion; I just use Wyoming for mail.
|
I THINK that you have the choice between Global and page specific. I believe that Global means for any site accessed and site specific would be just for that site.
|
|
|
|
|
dvair
|
Posted: Mon Oct 01, 2012 1:09 am |
|
|
welcoming committee |
|
Joined: Sun Apr 15, 2012 2:39 am Posts: 680 Location: Johnstown, NY
|
There is also a Flash settings icon in the Control Panel. You can do your Camera and Mic settings in there too.
|
|
|
|
|
Manny Carvalho
|
Posted: Mon Oct 01, 2012 9:33 am |
|
|
welcoming committee |
|
Joined: Thu Mar 22, 2012 1:35 am Posts: 715
|
jaylach wrote: I THINK that you have the choice between Global and page specific. I believe that Global means for any site accessed and site specific would be just for that site. That's right, when you are on a specific web page right click on the Flash content and there is an option for Settings for that particular site or a Global option for everything else.
_________________ Best regards, Manny Carvalho MS-MVP since 2002
|
|
|
|
|
|