Americas

  • United States

Asia

Oceania

Cautionary tales: Teen beauty queen and baby spied on via hacked cameras

Analysis
Aug 14, 20134 mins
CybercrimeData and Information SecurityMicrosoft

A hacker took over the webcam of Miss Teen USA, another remotely spied on a baby via a wireless IP cam; such privacy concerns may have prompted Microsoft to flip-flop on requiring Xbox One to be plugged into Kinect.

People who believe hijacking a webcam is mostly a tinfoil-hat theory should listen to the recently crowned Miss Teen USA. About four months ago, when California’s Cassidy Wolf “was just a normal girl in high school,” Facebook notified her that someone tried to “log into her account from another state.” The now 19-year-old beauty queen told Today:

She then received an anonymous e-mail from a stranger saying he was in possession of photos of her that were taken in her bedroom via the webcam on her computer after it was hacked. The person tried to extort her in return for ensuring the photos were not made public. She cannot divulge all the specific details because the incident is now under federal investigation.

“I wasn’t aware that somebody was watching me (on my webcam),” she said. “The light (on the camera) didn’t even go on, so I had no idea.”

She intends to utilize her platform as Miss Teen USA to educate people about cybercrime and potentially help prevent others from being victimized too. It is a much-needed awareness campaign, considering that a study last year found one in two Americans are clueless about webcam hacking. WhiteHat Security’s Jeremiah Grossman has also tried to raise awareness about the danger of clickjacking, which can be used to exploit vulnerabilities such as in Adobe Flash to take over a webcam.

The new Miss Teen USA’s “tips for protection against hackers include changing passwords frequently and making them unique by using symbols and different characters, deleting cookies and browsing history regularly, and putting a sticker over the computer’s webcam when you’re not using it.”

Hacked wireless security camera used to spy on baby

It’s not just beauty queens, but also babies who have become victims of remote voyeurs. After a hacker hijacked a wireless IP camera being used as a baby monitor by a Texas family, he spied on and yelled obscenities at a two-year-old in her crib. When her parents came into the room, the hacker remotely focused the camera on them and then cursed at them as well.

Back in April, I covered a Hack in the Box presentation that demonstrated how to turn your wireless IP surveillance camera against you. Before that, we looked at how unpatched firmware in TRENDnet IP cameras allow voyeurs to spy in real-time into homes and offices. A full year after the company released firmware to patch the flaw, the vulnerability was still providing a Peeping Tom paradise for armchair surfers.

Microsoft: Xbox One will function without plugging in Kinect

Initially, when Microsoft said the Xbox One had to be plugged into Kinect to function, it sparked similar worries about being spied on in the privacy of our homes. But after Microsoft’s Marc Whitten listed a variety of reasons you would want the Kinect always plugged in to Xbox One and hooked online, he told IGN, “That said, like online, the console will still function if Kinect isn’t plugged in, although you won’t be able to use any feature or experience that explicitly uses the sensor.” Whitten added:

“You have the ability to completely turn the sensor off in your settings. When in this mode, the sensor is not collecting any information. Any functionality that relies on voice, video, gesture or more won’t work. We still support using it for IR blasting in this mode. You can turn the sensor back on at any time through settings, and if you enter into a required Kinect experience (like Kinect Sports Rivals for instance), you’ll get a message asking if you want to turn the sensor back on in order to continue.”

Like this? Here’s more posts:

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.