• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Surveillance

Bug Lets Chrome Stealthily Record Audio and Video

May 30th, 2017 Jahanzaib Hassan Surveillance, Privacy, Security 0 comments
Bug Lets Chrome Stealthily Record Audio and Video
Share on FacebookShare on Twitter

Chrome might have a lurking bug that lets websites record your audio and video content without you even knowing. That is, Chrome usually has a red indicator being displayed in a tab where the video content is being recorded. However, according to a researcher, such an indication may not always be present.

The flaw: Ran Bar-Zik is a web developer who works at AOL and is the person who found the flaw in Google Chrome.

According to Bar-Zik, the bug allows a website to record video and audio content once a user grants the website permission to do so. Nevertheless, there can sometimes be no indication that such recording is taking place.

Although the bug is quite harmless, the researcher, however, claims that it can be exploited for more sophisticated attacks, reports BleepingComputer.

[irp posts=”25562″ name=”Flash Player Bug Records Audio and Video without User Permission”]

The red circle: When a website is recording a video or audio, a red circle shows up in a tab. This tab belongs to the window where the code is being executed to facilitate the recording.

However, Bar-Zik found that this may not be the case. This is because such content only starts to get recorded once a user grants permission to do so.

This may mean that a small pop-up window may be executing the code for recording audio and video content. Since a pop-up window does not have a tab, the red circle will not be shown and hence the user may be unaware that his/her video or audio is being recorded.

This can also take place within a very small pop-up that can go unnoticed by the user.

Chrome may be stealthily allowing video and audio recordings / Image Credit: BleepingComputer

What’s the issue?  You may be wondering as to why the researcher is so serious about the flaw. Essentially, the researcher believes that users sometimes accidentally grant permission to various websites to record video and audio content.

They can do so without even realizing what the permission was about and hence not know that it was for recording video and audio content. As such, attackers may exploit the bug by tricking the user to grant permission and start recording a user’s video and audio to possibly perform a sort of secret espionage on the user.

Furthermore, Bar-Zik says that the attacker can start recording even without having a website ask for permission in the first place. They do so by exploiting yet another flaw associated with cross-site scripting.

[irp posts=”28387″ name=”Google Chrome Browser Listening To Your Conversations without Permission”]

Issue reported to Google: The issue was immediately reported to Google after it was discovered. However, Google replied that the issue does not pose a security threat and that the red dot does not appear on mobile devices anyway.

Furthermore, Google says that the user is required to give permission and it is the user’s responsibility to read what the permission is about before granting it.

This applies especially to those who are in newer versions of Chrome since the red dot indication is not available in them.

As such, it is the user’s responsibility to avoid granting permissions to unknown websites and thereby remain safe from such vulnerabilities.


DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

  • Tags
  • Bug
  • Chrome
  • Google
  • internet
  • Privacy
  • security
  • Surveillance
Facebook Twitter LinkedIn Pinterest
Previous article Man Hacks Chinese Video Giant; Steals Millions of Dollars - Gets Caught
Next article iPhone - the likely cause of the EgyptAir Flight 804 crash
Jahanzaib Hassan

Jahanzaib Hassan

Related Posts
World's Most 'Resilient Malware' Botnet Emotet Taken Down

World's Most 'Resilient Malware' Botnet Emotet Taken Down

Top Cybersecurity Threats to Watch in 2021

Top Cybersecurity Threats to Watch in 2021

Database of 176 million Pakistani mobile phone users sold online

Database of 176 million Pakistani mobile phone users sold online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
NetWalker ransomware disrupted - Cryptocurrency and domain seized
Cyber Crime

NetWalker ransomware disrupted - Cryptocurrency and domain seized

41
Transferring Whatsapp data from iPhone to Android with MobileTrans
How To

Transferring Whatsapp data from iPhone to Android with MobileTrans

27
World's Most 'Resilient Malware' Botnet Emotet Taken Down
Cyber Crime

World's Most 'Resilient Malware' Botnet Emotet Taken Down

73

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us