How to tell if your smartphone camera is hacked?

Camfecting is a reality of today and it may affect any of the 6.6 billion people in the world who own a smartphone

camera hack

How to tell if your smartphone camera is hacked? Source:

Your smartphone is most likely the thing which is next to you 24/7. According to a survey conducted in February 2021, nearly half of the respondents stated that on average they spent 5-6 hours on their phone on a daily basis, not including work-related smartphone use. What if someone has been watching you all this time you’re browsing the web, texting your friends or making Tik-Tok videos?

What’s camfecting and how does it work?

Camfecting is hacking into a person’s webcam and activating it without the owner’s consent. Not only can hackers make videos and photos of your personal life in this case, but also they may gather restricted or sensitive information as they can watch and see anything within the webcam’s reach (like documents on your work table or bank card you use for online payments). Besides, the remote-control malware also gives them access to your personal files, messages, and browsing history.

There are no official statistics on the webcam hacking instances, so we don’t know how often that happens. In fact, device owners may not be aware of the camfecting for a long time, until  malefactors contact them with blackmail threats. Basically, the mechanism behind camfecting attacks is remote access to your smartphone. Someone who wants to access your phone can send you a spy app installation link. They do so in a concealed manner not to raise your suspicion. There are a number of ways criminals may trick you into visiting a malware link, including emails and other messages, news headlines, pop-up windows, etc.

Malefactors also often impersonate a trusted party to lull your vigilance. Third-party remote tech support services, while convenient, are full of scammers and hackers who’ll take advantage of the access you grant them to your devices. Genuine remote tech support usually comes from your official retail service provider.

Some spying apps can also hack users’ webcams remotely if some personal details like iCloud credentials or the phone’s IP address are known to the hacker. These methods can be applied in a targeted camfecting attack.

Remote access Trojan (RAT) programs also enable administrative control over the infected device. Thus, depending on the malware purpose, hackers can monitor user behaviour through keyloggers or other spyware, access confidential information, such as credit card and social security numbers, activate a system’s webcam and record video, take screenshots, distribute viruses and other malware, format drives, delete, download or alter files and file systems.

As for webcam access, smartphones don’t usually have a light indicator signalling that your camera is on, as most laptops do. Therefore, it’s harder to tell if your smartphone is compromised.

How can you check whether your smartphone’s camera has been hacked?

  1. Use the camera. Zoom the image in and out. Pay attention to the speed of actions. If your camera reacts too slowly, some remote access tool may be using it.
  2. Your battery suddenly starts dying too fast. If your phone is hacked, it is likely the attacker will be using a lot of your mobile data.
  3. Transferring video/image files from your webcam to a remote server will require a lot of traffic.
  4. Your phone acts strangely. For instance, it turns off unexpectedly or becomes slow and unresponsive. This is a general sign of malware running in the background.
  5. Look for the unfamiliar files in your webcam’s storage folder. Check if the storage folder settings haven’t been changed without you knowing.
  6. Some antivirus systems like Avast offer additional Hack Check services to find out whether your email and associated passwords leaked online. If that is the case, it’s likely that all associated devices may get compromised including your smartphone.
  7. Check the list of applications which have access to your camera. If there are any you don’t recognise, hacking may have taken place. It’s important to routinely check up on app permissions.

When a user grants an app access to their camera and microphone, the app could potentially do the following:

  • Access both the front and the back camera.
  • Record you at any time the app is in the foreground.
  • Take pictures and videos without telling you and upload them immediately
  • Run real-time face recognition to detect facial features or expressions.
  • Livestream the camera footage onto the internet.
  • Upload random frames of the video stream to your web service and run a proper face recognition software which can find existing photos of you on the internet and create a 3D model based on your face.

To see the list of apps that have such sensitive camera permissions on your Android phone:

  • Open the Settings menu by swiping down from the top of the screen to open the notification shade. Tap the gear icon.
  • Go to the “Privacy” section. Select “Permission Manager.” It lists all of the different permissions that apps can access. Choose “Camera” and “Microphone.”
  • The Permission Manager will display the apps in four sections: “Allowed All the Time,” “Only While in Use,” “Ask Every Time,” and “Disabled.”
  • Check for unknown apps and limit the permission for those apps that are allowed to access the webcam all the time.

If you use an iPhone:

  • Open “Settings” by tapping the gear icon.
  • In “Settings,” tap “Privacy” > “Camera.”
  • You’ll see a list of apps that have asked you for camera access in the past.
  • If you want to remove access for any app, just turn the toggle off. If you then use the app and realise why it needed access, you can grant it again if prompted or head back to Settings > Privacy and turn that toggle back on.

The iOS 14 and iPadOS 14 updates have additional functionality. If you’re currently using your camera or microphone for an app, you’ll see an indicator at the top of your screen. In addition, you can see which app is using that tool currently along with which app used it last.

If there’s a green dot on the top right of your screen, some app is using your webcam. And for apps using your microphone, that dot will be orange.

What can happen if your smartphone’s camera got hacked?

Some hackers want to capture images or videos of the other person in a compromising position to blackmail him or her. This may work especially when it comes to a person with certain political or business power, social media influence, etc. People under risk of unflattering exposure may be willing to pay money so that their reputation is unstained. Therefore, many webcam attacks are targeted, well-planned and deliberate.

Nevertheless, not all the webfecting is precisely targeted. Some hackers would just look for naked people (mostly women) for their perverted purposes. Or else, they may combine watching nude people with blackmailing them in so-called “sextortion” schemes. The famous case of Jared James Abrahams who secretly activated webcams and threatened to publicly release images of dozens of young women including Miss Teen USA, Cassidy Wolf, is just one example of such blackmail. With smartphones following users at any place they go, including the bathroom, the chance of getting intimate images gets higher.

At the same time, cybercriminals also attempt tricking people that they’ve been caught by a webcam hack without actually compromising the device. Thousands of spam emails claim that users have been “caught” on camera while visiting adult websites. They threaten to distribute the video to your friends and family within hours, unless you pay into the hackers’ Bitcoin account. In fact, this is just another type of phishing scam rather than actual camfecting. Nevertheless, the receivers of such sextortion emails are often paying money to criminals out of shame. They assume that anyone can spy on them at any time, or can even distort their real images to create the fake appearance of impropriety.

In addition, when a Trojan virus infects a device, it’s not just the webcam that is remotely accessed, it’s the whole smartphone file system that’s affected. This means access to sensitive files, photos, banking data, social media and more. Besides, the IoT brought us networks of connected devices. Your infected phone may send Trojan malware across the household network and more devices get hacked.

How to prevent a hack

Common cybersecurity principles apply to camfecting attacks as well.

  • Regularly scan your smartphone for malware. Remember to keep your antivirus system updated.
  • Use the services of trusted tech assistants. Always protect your personal data before allowing a technician to access your smartphone. After their work is completed, it’s also a good idea to change the password to any program or system that the technician had remote access to.
  • Manage camera and microphone settings for the apps you download and the Internet browser you use. Disable the permission for the ones you don’t require.
  • Check the webcam default settings. Pay attention to the storage folder and look for unknown files.
  • Enable the firewall. It protects your system by monitoring the network traffic and blocking suspicious connections.
  • Don’t follow links or open attachments in suspicious emails.
  • Use strong passwords which are regularly updated or biometric authentication where possible.
  • Always use a VPN to secure your Wi-Fi connection and protect yourself while using a public Wi-Fi. Don’t use public networks unless it’s really necessary.

SEE ALSO: