An APT… through your webcam - How attackers can hijack your computer through its webcam — and how to stop it. www.kaspersky.com/blog/badc…

Computer webcams have long been suspected of peeping on folks; nothing unusual about that. But now they’ve found a new role in conventional cyberattacks. At the recent BlackHat conference in Las Vegas, researchers presented the BadCam attack, which allows an attacker to reflash a webcam and execute malicious actions on the computer it’s connected to. Essentially, it’s a variation of the well-known BadUSB attack; the key difference is that with BadCam attackers don’t need to prepare a malicious device in advance — they can use a “clean” webcam already connected to the computer. Another unwelcome novelty is that the attack can be carried out completely remotely. Although the research was conducted by ethical hackers, and BadCam hasn’t yet been observed in real-world attacks, it won’t be difficult for criminals to figure it out and reproduce the necessary steps. That’s why organizations should understand how BadCam works and implement protective measures.