Jo Best : silicon.com : August 23, 2004

A new worm has been discovered in the wild that’s not just settling for invading users’ PCs – it wants to invade their homes too.

The Rbot-GR virus follows a fairly traditional malware route of exploiting Microsoft security vulnerabilities and installing a Trojan horse on infected machines. However, the worm also spies on users by taking control of their webcam and microphone, then sending images and soundtracks back to the hackers, according to antivirus firm Sophos.

As well as getting an insight into homes and businesses across the world, the worm also allows the malware writer to take a look at information on the infected machine’s hard drive and to steal passwords, as well as launching denial-of-service attacks.

Graham Cluley, senior technology consultant at Sophos, said that the virus could be used for industrial espionage – or simply by a nosey hacker to take a look into people’s bedrooms.

“Whether this worm is the work of professional snoopers or lusty teenagers – it’s hard to say for certain. What we do know if that there have been a few hundred different versions of the Rbot worm, all of which have been designed to gain some kind of remote access to innocent users’ data. This one goes further by also specifically collecting webcam footage,” Cluley said. “It seems more and more hackers are building a cocktail of different functionality into their creations.”

For those who have the virus, they may be unaware their every move could be being tracked by remote hackers. An infected webcam may show an “active light” when it’s being used but for webcams without such light, there’s no giveaway the hacker is watching.

There is, however, one simple way to dodge the prying eyes of the malware merchants – just unplug or switch the webcam off when it’s not in use.