RATs are committing identity theft via webcams

• Tweet

March 2nd, 2010 - Posted by Robert Siciliano

Robert Siciliano is a NextAdvisor.com Expert Guest Blogger

A webcam is certainly one way the bad guy can gain intelligence about you. They can use it to spy on you. They can listen in to everything you say all day. They know when you are home or not, whether or not you have an alarm—they watch you. But in my opinion, the real issue here isn't the webcam, but the technology that allows for full remote control access to your network.

If you are a cave-dwelling unabomber you may have missed the story about the family, who is already involved in numerous civil judgments, suing their son's school for spying on him with the school issued laptop. Apparently, it's not OK to spy on students who are issued a school laptop.

The school apparently installed laptop tracking software that is designed to find a stolen laptop. Laptop tracking often uses GPS, or IP-based technology that provides location-based information when plugged into the Net. The trick to this particular laptop tracker was a peeping Tom technology called a RAT, aka a Remote Access Trojan.

RATs can capture every keystroke typed, take a snapshot of your screen and even take rolling video of you. But what's most damaging is the full access to your files, and if you use a password manager they may have access to that as well.

RATs generally monitor a PC without the user's knowledge. RATs are a criminal hacker's dream and are the key ingredient in spyware. Common RATs are Backdoor Orifice and LANRev Trojan. It was the latter RAT that allowed the school district full remote access to the student's laptop, at his home and in his bedroom. Creepola!

Now the FBI is in the fray. According to the original complaint, the student was accused by his school's assistant principal of "improper behavior in his home" and shown a photograph taken by his laptop as evidence. That kind of backdoor slap on the hand for home-based bad behavior certainly raises an eyebrow. For every action there is a reaction, as they say.

RAT installation can be done by someone with full onsite access to the machine, or remotely through malware propagated by an infected attachment, malicious links in a popup, or a permissioned toolbar or other software. A RAT can come from a thumb-drive found on the street or in a parking lot, and even from off-the-shelf peripherals like a digital picture frame or an external hard drive that's infected in the factory. The bad guys can also trick a person when playing a game as seen here in this YouTube video.

There are plenty of remote access programs that use legitimate back door technology that we use every day. Examples include Radmin and GoToMyPC remote access. Your desktop has "remote desktop" which acts in a similar way. There are a dozen iPhone Apps that do the exact same thing.

Considerations:

An unprotected PC is the path of least resistance. Use anti-virus and anti-spyware. Run it automatically and often.

A PC that's not fully controlled by you is vulnerable. Use administrative access to lock down a PC, preventing the installation of unauthorized software.

Many people leave their PC on all day long. Consider shutting it down when it's not in use.

Unplug your webcam if you are freaked out by it. If it's built in to your laptop cover it up with tape. You may also be able to disable it on startup, uninstall it and remove the drivers that make it work.

And invest in identity theft protection.

Protect your identity.

1. If you think you're a victim of identity theft, find out how to get a credit freeze. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in anti-virus and keep it auto-updated.

3. With your iPhone get my book as an App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

4. Invest in identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk.

Robert Siciliano Identity Theft Speaker discussing Webcam Spying on The CW, New York

Robert Siciliano is CEO of IDTheftSecurity.com, an identity theft expert, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 companies and startups as an advisor on product launches, branding, messaging, representation, SEO and media. Siciliano's thoughts and advice on all these matters appear often in both the televised and print news media including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of security training as a member of the American Society of Industrial Security. He is the author of two books, including The Safety Minute: Living on High Alert; How to take control of your personal security and prevent fraud. He's also partnered with Intelius to help raise awareness about the growing threat of identity theft and to provide tips on how you can protect yourself.