Johns Hopkins University researchers in December published the results of a study in which they were able to show how MacBook iSight cameras can be accessed and turned on without a person's knowledge, and without its indicator light. It's the first public confirmation that such activities are possible.
iSeeYou: Disabling the MacBook Webcam Indicator LED
The research focused on MacBooks and iMacs from before 2008, but the study's authors, computer science professor Stephen Checkoway and graduate student Matthew Brocker, showed how to get around Apple's security features and said similar techniques to access webcams can also be used on newer models.
Apple computers have a "hardware interlock" designed to make sure a camera's indicator light is on whenever the camera is active. But the computers operate using a series of chips that can be independently exploited, the researchers write in "iSeeYou: Disabling the MacBook Webcam Indicator LED."
Researchers were able to get around Apple's security steps by reprograming the chip inside the camera, called a "micro-controller," allowing them to activate the camera and light independently from each other. Apple didn't provide "any possible mitigation plans," when contacted by the researchers.
In Oct. 2013, Jared Abrahams pleaded guilty to extortion after using software to remotely take compromising pictures of dozens of women with their own computers and then trying to blackmail them. One of his victims was a high school classmate, Miss Teen USA Cassidy Wolf.