Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Worms Security

Peeping Tom Worm That Uses Webcams 388

Ant writes "The Register mentions a new Windows worm known as Rbot-GR that is currently circulating accross the net. It has the capability to spy on users using webcams. " I'm surprised that it took this long.
This discussion has been archived. No new comments can be posted.

Peeping Tom Worm That Uses Webcams

Comments Filter:
  • by Anonymous Coward on Monday August 23, 2004 @03:20PM (#10049131)
    Mitch: And from now on, stop playing with yourself!
    Kent: It is God!

    Real Genius
  • Ewww.... (Score:5, Funny)

    by eln ( 21727 ) on Monday August 23, 2004 @03:20PM (#10049134)
    I don't think I want to see what's on the other side of that computer screen. I prefer to just believe what foxylady687783 tells me she's doing.
  • by romper ( 47937 ) * on Monday August 23, 2004 @03:20PM (#10049135)
    I wonder how long it will take for the writer(s) to regret this one. I mean, look at the demographic most likely to own web cams and leave them connected to their computer. Would you really WANT to spy on them?

    Now, if you could get your ex-girlfriend (or boyfriend, whatever) to install the trojan...
  • by MachineShedFred ( 621896 ) on Monday August 23, 2004 @03:21PM (#10049147) Journal
    ... a massive supply of horrible focus and bad resolution porn has started to show up on the Internet. Film(s) at 11.
  • by G4from128k ( 686170 ) on Monday August 23, 2004 @03:21PM (#10049151)
    Nothing for you to see here. Please move along.

    That's what I saw when I first clicked on the link to "Read More" for the /. home page. I guess I need that worm to read slashdot now.
  • heh (Score:4, Funny)

    by kafka93 ( 243640 ) on Monday August 23, 2004 @03:21PM (#10049154)
    Kinda funny that first clicking on the story brought up "Nothing for you to see here. Please move along." .. perhaps the /. editors have experienced this web cam worm thing first-hand and are.. covering up, so to speak?

    On second thoughts, no.. let's not even go there. *shudder*
  • even as a trojan! Imagine the emails..."click here now to see young, hot unsuspecting amateur teens!"

    who wrote this worm again, I wonder....?
  • by The Analog Kid ( 565327 ) on Monday August 23, 2004 @03:22PM (#10049161)
    I'm surprised that it took this long.

    I'm still waiting for the virus to be made that replaced the users background with the goatse.cx (or goat.cx, nowadays) man.
  • by over_exposed ( 623791 ) on Monday August 23, 2004 @03:22PM (#10049168) Homepage
    Uh oh... I'm going to have to point my web cam somewhere other than my "den of love" from here on out! How DARE they view me and not pay for it on a monthly basis!
  • Heh... (Score:5, Insightful)

    by FortKnox ( 169099 ) on Monday August 23, 2004 @03:23PM (#10049179) Homepage Journal
    Instead of fixes, I'll be expecting apps to pop up that allows you to view the victims. Some people will really get a kick outta this.
  • it sounds harmless enough... what's there to spy on anyway except male crotches...
  • by severoon ( 536737 ) on Monday August 23, 2004 @03:23PM (#10049181) Journal

    Anyone have any idea where these infected machines are listed? Can we get a peek? Cuz I just know that like 90% of unsuspecting hot women like to undress in front of their web cams!

    This is an idiotic virus, isn't it? Didn't the author take into account that way more than 99% of the time, webcams aren't pointed at anything interesting?

    • by Anonymous Coward on Monday August 23, 2004 @03:36PM (#10049356)
      Oh, but THANK GOD for that 1%!
    • It's the same principle as spamming: Sure, 99% of your attempts come to nothing, but the cost is virtually zero, and if you can find the fraction of a percent worth finding, you win.
    • by Geckoman ( 44653 ) on Monday August 23, 2004 @04:19PM (#10049896)
      The first exception to come immediately to mind is college dorm rooms. Fast internet connections, plenty of unpatched computers, and a single room that nearly all of your living takes place in. Limit your searches to college IP blocks, and you'd get much better results. Not many wild orgies, but certainly lots of normal day-to-day living stuff.

      You wouldn't catch much of interest in my home office now ("Ooo! Look! He's watching the printer!"), but when I bought my webcam back in college I intentionally sought out a model with a manual power switch and lens cover for this very reason.

      Just because you're paranoid doesn't mean they're not out to get you!

    • Didn't the author take into account that way more than 99% of the time, webcams aren't pointed at anything interesting?

      Yeah but it's that one percent that MAKES IT ALL WORTHWHILE.

      (not)
  • by savagedome ( 742194 ) on Monday August 23, 2004 @03:23PM (#10049187)
    Finch : God bless the Internet

    I whole heartedly agree.

  • IT?! (Score:3, Interesting)

    by sulli ( 195030 ) * on Monday August 23, 2004 @03:23PM (#10049192) Journal
    do the Editors expect IT Managers to use this worm to spy on their employees or something?
  • by hike2 ( 550205 ) on Monday August 23, 2004 @03:23PM (#10049194) Homepage
    Oh Oh So I'll finally get to see a full length movie of that girl featured on the perennial pop-up ads for the X10 cameras?

    Methinks that some bored kid got tired of all the webcam pron sites out there and went out to make his own "real" digital version of a voyeur binoculars

  • Whew! (Score:5, Funny)

    by ryanvm ( 247662 ) on Monday August 23, 2004 @03:23PM (#10049195)
    Whew! For a minute there I thought you said, "I'm surprised that it looks this long."
  • ``I'm surprised it took so long''

    What of the worm that replaces Windows by a Real OS?
  • by Anonymous Coward on Monday August 23, 2004 @03:24PM (#10049203)
    Meet the Peeping Tom worm By John Leyden Published Monday 23rd August 2004 14:56 GMT A worm that has the capability to using webcams to spy on users is circulating across the Net. Rbot-GR, the latest variant of a prolific worm series, spreads via network shares, exploiting a number of Microsoft security vulnerabilities to drop a backdoor Trojan horse program on vulnerable machines as it propagates. Once a backdoor program is installed on a victim's PC it's game over and an attacker can do whatever takes their fancy. But Rbot-GR comes pre-loaded with functionality specifically designed to control webcam and microphones. Other variants of the worm do not come with this "Peeping Tom" routine, according to AV firm Sophos. "If your computer is infected and you have a webcam plugged in, then everything you do in front of the computer can be seen, and everything you say can be recorded," said Graham Cluley, senior technology consultant for Sophos. "It would be like having a regular web cam conversation except you wouldn't know you're taking part in it." Aside from its voyeuristic behaviour, the Trojan component of the worm will attempt to steal registration information for games and PayPal passwords from infected machines. It's a thoroughly nasty piece of code so it comes as some relief that Rbot-GR hasn't particularly widespread. Sophos has received only as handful of reports about the worm and most vendors rate it as a medium-risk threat. As usual, Rbot-GR is a Windows-only menace. ®
  • by Anonymous Coward on Monday August 23, 2004 @03:24PM (#10049206)
    I still don't know if it was real or not, but it popped up once on a search for Back Orifice many many years ago, back when BO was still commonplace. It consisted of a simultaneously taken screenshot and webcam picture. The screenshot was just Windows, with a little error dialog that had suddenly popped up saying:
    As your computer, I think we need to have a talk. You've got a girl sitting there on the bed behind you, and yet you're sitting here using me. Have you ever considered that you might be gay?
    Accompanied with this was a simultaneous snapshot from the computer's webcam, revealing a guy, with his girlfriend laying on the bed reading something behind him, sitting in front of his computer shirtless, staring at the screen in complete and utter dumbfoundment.
  • by anandamide ( 86527 ) on Monday August 23, 2004 @03:24PM (#10049208)
    But how a Virus installs the webcam on your computer is beyond me!
  • by The-Bus ( 138060 ) on Monday August 23, 2004 @03:24PM (#10049215)
    Place your sign against a wall, point the webcam to it. Sign says,

    WE KNOW WHO YOU ARE. WE ARE CALLING YOUR PARENTS.

    Sure, you never find out what happens, but it might be fun.
  • Physical Security? (Score:4, Insightful)

    by bamberg ( 9311 ) on Monday August 23, 2004 @03:25PM (#10049224)
    Seems like physical security is the only way to be truly certain that your webcam isn't spying on you. Unplug it or cover it up or something when it isn't in use.

    I wonder how long it'll be before web sites start popping up with unauthorized videos from hijacked webcams.
    • by windex ( 92715 ) on Monday August 23, 2004 @03:50PM (#10049527) Homepage
      The silly part, to me, is that newer webcams have:

      a) privacy shades that go over the lens, as part of the camera

      b: LED's that light up when the camera is 'in use'.

      What I don't get is that people are buying webcams without at least those two basic features? I have a logitech quickcam pro and it even lights up when JUST the microphone interface is being accessed.
  • I remember several christmases ago the "original" elf bowling spread it's way through e-mails. I heard that the program did the same as this worm and activated peoples webcams, and streamed it to one guys website/computer whatever. He then supposedely published the more comical movies that he made. I can't verify if this is true, or just a fun rumor that I heard...
  • Sub Seven... (Score:5, Interesting)

    by linuxrunner ( 225041 ) on Monday August 23, 2004 @03:26PM (#10049242)
    Sub 7 / BO and others have given the user *cough* kiddie *cough* this ablility for some time.

    Sure they're not a worm, but the idea isn't new.

    Funny now that I think about it, but I used to use Sub 7 on my home computer so I could access it from anywhere via an odd port and password protected. I could view my web cam, take control of my computer, ftp files upload and download to where-ever I was.

    Honestly, it was an extremely useful program. And when I was done, I'd just shut down the server.

    I've moved over to linux so I can ssh now, but as windows went, it was still one of the best remote programs I've ever used.

    • Re:Sub Seven... (Score:4, Insightful)

      by bugnuts ( 94678 ) on Monday August 23, 2004 @03:39PM (#10049388) Journal
      Aye, but be wary of using Backorifice... the encryption is about as trivial as rot13, so anyone can root your box.

      I don't know what kind of protections sub7 gives, but I'd be wary of that, too. Generally, these programs were written by hax0rz ... definitely not cryptographers.
      • Re:Sub Seven... (Score:3, Insightful)

        by Erik Hensema ( 12898 )

        Encryption is a bit overrated since it's pratically impossible to snoop into a tcp connection on the real internet. And when it's possible, it still has to be done. By someone who gives a damn (eg. not a professional sysadmin). Heck, with all those exploits in openssh, telnet may be the safer option.

        However, I still prefer my connections encrypted, you never know ;-)

  • by Jason1729 ( 561790 ) on Monday August 23, 2004 @03:27PM (#10049254)
    put black electrical tape over the lens when not using the camera. I thought most people did something to cover the lens or plug the camera.

    Jason
    ProfQuotes [profquotes.com]
  • Wow... (Score:5, Funny)

    by Jugalator ( 259273 ) on Monday August 23, 2004 @03:27PM (#10049257) Journal
    Geeks can just go any lengths to meet a girl. :-o

    I'd like to know the guy (I assume it's a guy) that made this virus. "Woo, I just got this idea -- if I write a virus to see other users, I might see pr0n!"

    Hmm, on second though I'm not sure I'd like to know him. :-S
  • Old news. (Score:3, Funny)

    by Vermifax ( 3687 ) on Monday August 23, 2004 @03:29PM (#10049278)
    http://douglas.min.net/~drw/mirrors/altern.org/bo2 kfun/best.html
  • by therealfitzman ( 807672 ) on Monday August 23, 2004 @03:30PM (#10049292) Homepage
    I have several people I will be buying webcams for. I'll make sure I install the 'drivers' as well.
  • Surpised? (Score:5, Funny)

    by ackthpt ( 218170 ) * on Monday August 23, 2004 @03:33PM (#10049321) Homepage Journal
    I'm surprised that it took this long.

    C'mon, what are you expecting to see, really? People making out infront of their cameras? Ha!

    More likely:

    Some drone plodding away at a spreadsheet

    A gamer wondering why his framerate just dropped 10% on d00m 3

    George W. Bush picking his nose and rolling it into a little ball

    A guy with a big beard and mustache, wearing a bedsheet over his head, two-finger typing instructions to a cell to get him early tickets to Sky Captain and the World of Tomorrow, before staging this next deadly attack.

    CowboyNeal with food stains all down his tshirt (ecch!)

    J. K. Rowling gnawing on the pencil while deciding how the next character dies in Harry Potter. 'Zapped .. eaten .. hmmmm...'

    A couple of norwegian guys with a couple paintings propped against the wall behind them.

    A Slashdot moderator about to zap this post -- 'Worst post ever!'

    William Shatner writing lots of kissing and strutting scenes into his appearance in Enterprise and removing that bit where he's required to act without his toupee on.

    An ILM designer creating the next 'Jar Jar' character -- 'No, make it look more like Hello Kitty...

    Honestly, voyeurism is this desperate?

  • Sub7 [lockdowncorp.com] and Netbus [t-online.de] have been able to do this for _years_. What's the big deal?
  • Sorry you missed out on the whole BackOrafice thing, which had both of the functionalities of this worm. It was a fun time in the computer world... where were you?

  • by Mateito ( 746185 ) on Monday August 23, 2004 @03:41PM (#10049413) Homepage
    This may very well turn out to be the incentive I need to break my nose picking habit.
  • by Minwee ( 522556 ) <dcr@neverwhen.org> on Monday August 23, 2004 @03:47PM (#10049485) Homepage
    That concept is hardly new. Back In The Day, Sun workstations used to ship with live microphones built in to the case which had open access rights. Want to listen to a meeting in someone's office? Just telnet to their desktop.

    It's not quite the same as a camera, but it was twenty years ago.
    • by JUSTONEMORELATTE ( 584508 ) on Monday August 23, 2004 @08:46PM (#10052244) Homepage
      Not quite 20 years, since the Sparc didn't ship til 1990-ish, and the Sun3 didn't have the microphone.
      Just the same, the mic and the speaker were really nifty. I was working on homework one night at around 2am, and noticed that a buddy was logged in on console in a lab of 15-20 sparcs. I checked the other machines, and he was the only one (logged in) in the lab, so I hacked out a quick shell script to rsh to each host and cat /usr/demo/laughter.au (or whatever the sample was called -- the one with several people laughing) to /dev/audio, placing each rsh in the background so all of them went off more-or-less at the same time.
      A few minutes later, he wasn't logged in anymore.
  • by ianbnet ( 214952 ) on Monday August 23, 2004 @03:52PM (#10049554)
    Seriously, if someone comes across it, I'm going to second calls for a major /. voyeur party. Just figure out where this thing drops its imagery...

    I'm all about pictures of 15-yo gamers picking their nose in front of Doom3. I'd laugh my ******* *** off.
  • by m2bord ( 781676 ) on Monday August 23, 2004 @04:00PM (#10049656) Homepage Journal
    i'd like to get a version of that and change it a little. what i'd like it to do is open a window and loopback the feed to the host computer. just imagine the look on someone's face when they realize that they are looking at images of themselves from say two minutes prior.
  • Solution (Score:5, Funny)

    by Dachannien ( 617929 ) on Monday August 23, 2004 @04:03PM (#10049689)
    Just point your webcam back at your monitor, and surf the IT portion of Slashdot. The voyeurs out there watching your webcam will go blind in short order.

  • by Lispy ( 136512 ) on Monday August 23, 2004 @04:09PM (#10049761) Homepage
    my Logitech Color Quickcam with Kernel 2.6.7 it is highly appreciated. ;-)
  • by Dharma ( 41782 ) on Monday August 23, 2004 @04:36PM (#10050130)
    Give 'em something REALLY good to look at.

    Scatter a bunch of fake corpses around your room. Splatter a little fake blood and gibs around for good measure, and then put a radial arm saw and sausage grinder off in a corner.

    If you suspect the cam is active, throw on a bloody goalie mask and say into the camera... "I know where you live...."
    • by Laplace ( 143876 ) on Monday August 23, 2004 @05:38PM (#10050768)
      Alfred Hitchcock liked playing a similar practical joke on people. If he and a friend were in an elevator, and other people he didn't know stepped into the elevator with them, he would turn to his friend and say something like "oh yes, there was blood everywhere. Blood all over the walls, soaked into the carpet, on the door handle..." He would stretch talk like that out until he and his buddy left the elevator, leaving the context of the conversation as a mystery for the other occupants.
  • by antdude ( 79039 ) on Monday August 23, 2004 @04:45PM (#10050236) Homepage Journal
    http://images.slashdot.org/topics/topicworms.gif [slashdot.org] is not a worm! It's a captepillar. I do have to admit that it is a nice graphic.
  • by Anonymous Coward on Monday August 23, 2004 @04:52PM (#10050319)
    I've never coded a trojan, or even downloaded on on purpose. But I've always wondered why they didn't use the victoms machine better. Setting up a web page on it and then "auto-spam" the url to people using email, p2p, messanger type applications. They could offer a glimpse into someones computer, web camera like your tipical porn site. And then have a option to 'Find other camera' or 'view full page viedo' something along that line, where the user is mislead into installing the 'worm/trojan' on their own computer. In return for installing the trojan they could get better quality, and a list of other infected hosts. After completing the 'registration' or what ever the perps computer would become another infected 'node'. This could lead not only initial infections from exploits, and 'mail clickers', but to a second group of uneducated users who choose to abuse the problem and in the process 'help' spread the infection by people actualy telling their friends about the cool new underground site they found. Make it some nice p2p network and you could have a 24/7 voyuer network set up. Kinda a subseven/kazza type back door hidden, And a interface on a webport allowing others to access the network who don't even need to be infected. The common user would only think, i'm only visiting a site, I'm not running anything on my computer.
  • iSight (Score:5, Informative)

    by GnrcMan ( 53534 ) * on Monday August 23, 2004 @09:05PM (#10052352) Homepage
    I pretty much expected this at some point. Which was why I was pretty impressed when the Apple iSight included a physical shutter. If you twist it open, it automatically launches iChat AV. Twist it closed, and no one can see you unless they figure out how to patch the firmware with x-ray vision support!
  • by chongo ( 113839 ) * on Tuesday August 24, 2004 @02:07AM (#10053734) Homepage Journal
    It is not a total loss to just cover up your webcam. In addition to the added privacy, a covered webcam makes a great random number generator [lavarnd.org]!

    All of our webcams [lavarnd.org], except one [lavarnd.org], are covered [lavarnd.org]. :-)

Business is a good game -- lots of competition and minimum of rules. You keep score with money. -- Nolan Bushnell, founder of Atari

Working...