In video conferencing allows web sites to access your camera on your iMac and MacBook
Hackers have learned to hack the webcam of the MacBook
Security researcher Jonathan Leitch publicly announced a threat vulnerabilities “zero day” in the app for video conferencing Zoom for macOS. Camera user MacBook can be hacked in a simple way, and hackers are probably already using this exploit.
See also the story of how
The problem showed up because Zoom installs a local web server that accepts requests video calls. What’s worse, the uninstall application does not remove server, which then can reset the Zoom without user intervention.
Apple 20 years hid a dangerous bug in macOS
The expert was shocked at how easy it was to access over the MacBook– just to throw malicious link, the “victim” and the laptop gets compromised. When the user clicks on a link, the computer automatically turns on the webcam, and the attacker can spy on his “victim”. This method works even if Zoom was previously deleted. Later Twitter users confirmed the fears of Jonathan.
This method can also be used for DDoS attacks on MacBoook or iMac user. For the local web server, the attacker can effectively block Mac, constantly pingwa server.
MacBook Pro is in danger: Apple warns of problems with battery
The researcher described the problem and sent it to the developers Zoom in March. But after 90 days the error is not corrected, however, the vulnerability to DDoS attacks was “cured”. In parallel, the expert was told about this problem Chromium and Mozilla. Zoom commented later discovered the vulnerability, which surprised Jonathan. It turned out to be “not a bug, but a feature”, or simply, “workaround”.
“This is a workaround for changes made to Safari 12. We believe that our method of circumvention is a legitimate solution to the problem of poor communication, allowing our users to conduct more than a quick meeting at the click of the mouse,” said the chief information security officer at Zoom Richard Farley.
Forgot Wi-Fi password: how to know
Farley also said that without a “workaround” users need to confirm the conference every time you want to use Zoom, which is inconvenient. The company States that it has no plans to change this feature. However, this month will be released an update that will allow the program to save user preferences and administrator regarding whether the video when you first join the call or not.
We will remind that earlier the MacBook Air has found a hidden “threat”. It was recently discovered that Apple is 20 years hid a dangerous bug in macOS.
Read the most important and interesting news in our Telegram