Communications of the ACM

Home/News/A Zoom Flaw Gives Hackers Easy Access to Your Webcam/Full Text

ACM TechNews

A Zoom Flaw Gives Hackers Easy Access to Your Webcam

By Wired
July 16, 2019
Comments

View as: Print Mobile App Share:

Zoom Video Communications provides remote conferencing services via the cloud. — Hackers can still exploit vulnerabilities in the Zoom videoconferencing desktop app to commandeer a user's Webcam, a security researcher warns.

Credit: Mark Lennihan/AP

Security researcher Jonathan Leitschuh warns hackers can exploit vulnerabilities in the Zoom videoconferencing desktop app to commandeer a user's Webcam.

Using this technique, attackers can set up a malicious call and fool Zoom users on Apple computers into clicking a link to participate, then add their video feed to monitor whatever the Webcam is directed toward.

Leitschuh said hackers also could launch denial-of-service attacks against Mac computers, using the same technique to inundate them with 'join' requests.

Although Zoom patched this flaw several months ago, it is only now adjusting auto-join video settings, to give users a more prominent way of opting to have video feed automatically launch when they click a call link.

Leitschuh said the patch cannot resolve privacy issues, or the underlying insecurity of the seamless flow that allows Zoom to launch calls from meeting URLs.

From Wired
View Full Article

No entries found

A Zoom Flaw Gives Hackers Easy Access to Your Webcam

NVMe Consortium Polishes Its Specs to Support Computational Storage

Virtual and the Future of Conferences

Niklaus Wirth and Beyond: Safeguarding the Intellectual Heritage of Computing