A former NSA employee named Patrick Wardle demonstrated during this day a new type of malware that can be used to access the webcam of any type of Mac. Separated from the cameras of the Apple computers, the former NSA employee is able to activate including the microphone to listen to any kind of conversations held by the user.
Wardle's malware is designed in such a way that the Mac's webcam is accessed only when there is an active video feed already made by the user. This mode of operation removes the activation of the green LED of the camera, which tells the user that it is active and he can be seen by someone.
The same former NSA employee also discovered other OS X vulnerabilities that allowed unsigned applications to run even when the Gatekeeper system was active. Moreover, he discovered another vulnerability that allowed a person with access to the Mac to obtain administrator privileges and control the computer without restrictions.
The vulnerability demonstrated by this former employee of the NSA demonstrates the fact that Apple does not secure its laptops sold all over the world that well. However, the good part in this whole story is that the camera cannot be activated without the user knowing, its LED lighting up for unauthorized or authorized activation.
"After examining various 'webcam-aware' OS X malware samples, the research will show a new 'attack' that would allow such malware to stealthily monitor the system for legitimate user-initiated video sessions, then surreptitious piggyback into this in order to covertly record the session. As there are no visible indications of this malicious activity (as the LED light is already on), the malware can record both audio and video without fear of detection.”
