A new variant of the Rbot worm has the ability to take over users’
webcams and use them to spy on people in their offices and homes.
Rbot-GR is not widely spread at this point, but at least one analyst says
it may be the first wave of a new type of malware.
“It’s a little bit creepy,” says Graham Cluley, senior technology
consultant for Sophos Inc., an anti-virus software company based in
Lynnfield, Mass. “People are used to the idea of worms spreading and
collecting data from their hard drive… Obviously, this could be used
for industrial espionage but more likely it’s being done because it’s
possible. If I infect 1,000 computers, maybe there would be one or two
where there’s something really interesting to watch.
“It’s akin to having a closed circuit television camera in your
house,” he adds.
The Rbot-GR worm spreads via network shares, exploiting a number of
Microsoft security vulnerabilities, installing a backdoor Trojan
horse as it travels. The worm specifically looks for computers that
already have been infected with the MyDoom worm.
Once the worm is installed on a computer, remote hackers can easily gain
access to the information on the PC’s hard drive and steal passwords, as
well as spy on innocent users via their webcam and microphone.
Cluley says this worm is evidence of a growing trend of more and more
malware spying on innocent home computer owners and businesses
that are lax in protecting their networks.
“It’s just a taste of things to come,” says Cluley. “I wouldn’t be
surprised if virus writers don’t drop this code into future worms.
They’ll get a subversive kick out of it. They might want to see what’s
going on in people’s bedrooms and people’s offices. If you have a webcam
and your computer gets hacked, you need to realize that your webcam is
in jeopardy.”
Cluley says he’s concerned about all the people who installed a webcam
and then forgot they have it.
“One of the dangers is that when you buy a computer, it will come
bundled with a webcam,” he explains. “They might plug it in and then
they realize that the telephone is easier to use. And they forget about
it. You might forget that it’s even plugged in there. If you’re not
using it, just unplug it.”
Editor’s note: This article was originally published on the eSecurity Planet site.