acm-header
Sign In

Communications of the ACM

Home/News/A Zoom Flaw Gives Hackers Easy Access to Your Webcam/Full Text
ACM TechNews

A Zoom Flaw Gives Hackers Easy Access to Your Webcam

By Wired
July 16, 2019
Comments
View as: Print Mobile App Share:
Zoom Video Communications provides remote conferencing services via the cloud.

Hackers can still exploit vulnerabilities in the Zoom videoconferencing desktop app to commandeer a user's Webcam, a security researcher warns.

Credit: Mark Lennihan/AP

Security researcher Jonathan Leitschuh warns hackers can exploit vulnerabilities in the Zoom videoconferencing desktop app to commandeer a user's Webcam.

Using this technique, attackers can set up a malicious call and fool Zoom users on Apple computers into clicking a link to participate, then add their video feed to monitor whatever the Webcam is directed toward.

Leitschuh said hackers also could launch denial-of-service attacks against Mac computers, using the same technique to inundate them with 'join' requests.

Although Zoom patched this flaw several months ago, it is only now adjusting auto-join video settings, to give users a more prominent way of opting to have video feed automatically launch when they click a call link.

Leitschuh said the patch cannot resolve privacy issues, or the underlying insecurity of the seamless flow that allows Zoom to launch calls from meeting URLs.

From Wired
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account