Ex-NSA Hacker Reveals Another Zoom Flow – Affecting macOS Users’ Webcam and Microphone

  • A researcher unveils two zero-day flaws that concern the macOS version of Zoom, the digital meetings app.
  • The first bug makes privilege escalation possible, while the second can share the microphone and webcam access.
  • Both exploits happen silently, without user prompts or interaction or any indication of what’s going on.

It seems like there’s no end to the revelations that concern Zoom’s security flaws, one of the currently most popular video-conferencing applications out there. The software unlawfully shared user data with Facebook and leaked people’s email addresses and photos to complete strangers. Moreover, Zoom can leak Windows login credentials to hackers, and it is making false claims about end-to-end encryption tricking high-profile individuals into trusting it. And now, on top of all that, a former NSA hacker named Patrick Wardle reveals a way to exploit Zoom to access the user’s microphone and camera and record things arbitrarily.

Source: objective-see.com

As Patrick Wardle explains, the attack is actually based on the exploitation of two specific bugs, and it must be launched locally. It means that the malicious person needs to have physical access to the target computer, which is quite hard in the days of self-isolation that we’re currently going through. First, Zoom is using a set of installation scripts to unpack everything needed on macOS, without having to serve the users too many annoying dialog boxes. While this is convenient, it is also unsafe, as someone without root access to the system could potentially inject malicious code into the Zoom installer and automate a privilege escalation procedure.

The second bug is based on the sharing of the Zoom access permissions with any other program, like malware or spyware that could be planted on the system by exploiting the first flaw. As Zoom has access to the user’s webcam and microphone, someone could silently piggy-back this access without displaying a prompt to the user. The fault lies in the fact that Zoom allows malicious code to be injected into its process space, and the most worrying part of that is that the developers of the app have placed a specific exclusion to allow this.

beyond root
Source: objective-see.com

Wardle concludes his write up by saying: “So, what to do? Honestly, if you care about your security and/or privacy, perhaps stop using Zoom.” While it’s true that the scrutiny through which Zoom is going right now has yielded many things to worry about, it remains one of the best digital meeting tools in existence – it’s free for up to one hundred participants, supports all platforms, is easy to set up and use, can maintain consistent HD video quality, and features a polished user interface. Just don’t use it in critical situations, and make sure to employ any available updates immediately.


Recent Articles

Xiaomi Looking to Deploy Massive Upgrades on the MIUI 12 Camera App

Xiaomi wants to make the MIUI 12 Camera app as exciting as it can be, and is experimenting with a set of new...

Cerberus Was Found Lurking on the Google Play Store

The Cerberus app wore the sheepskin of a Spanish currency converter app and entered the Play Store. The app followed the tactic...

The “Music Mission” Anti-Piracy Campaign Makes Stunning Revelations

The “Music Mission” has released its first findings around pirating platforms, and the size of some is startling. What is more alarming...

The Vast Majority of Home Routers Are Vulnerable in One Way or Another

Many router models that are sold in Europe are vulnerable to exploitation using known flaws. Most vendors are using unsafe securing methods,...

H.266/VVC Codec Officially Announced – Bringing Higher Quality Video While Drastically Reducing Data Consumption

Currently, the H.265 HEVC is the most popular video codec in consumer devices, processing over 90% of video bits on the global level. ...