Cybercriminals and black hat hackers exploit system vulnerabilities and human weaknesses as well. This hacking tutorial discusses how a malicious actor can access any mobile or computer camera, microphone, physical location, and device information by just sending a URL along with some basic social engineering techniques.
Throughout this tutorial, we will glance at How Hackers Access Target WebCam Remotely and see what is happening on the other hand. To break into the victim’s webcam, we will utilize the tool Storm-Breaker and Kali Linux.
Recently in March 2021,
A group of hackers breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc. gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons, and schools.
Storm-Breaker is going to assist us with a hack. With Storm-Breaker, you have.
Let us get rolling!
Clone the git repository into your Kali Linux Desktop.
git clone https://github.com/ultrasecurity/Storm-Breaker
Change directory to storm-breaker.
cd Storm-Breaker
Change the mode of the installer.sh file and execute the script. The install.sh script handles all operations related to installing and removing the application.
Chmod 777 linux-installer.sh
sudo bash linux-installer.sh
Install all the requirements for the tool using pip functionality.
python3 -m pip install -r requirments.txt
Give executable permission to python file.
chmod 777 Storm-Breaker.py
And run the setup.
sudo python3 Storm-Breaker.py
Select option 1 and press enter.
Select any templet you wish to hack. You can go for the default or mobile cam. Here I select option 2.
At this point, wait for the tool to download Ngrok server and generate a malicious link for a victim.
Ngrok Server
Ngrok is a tunneling reverse proxy system that establishes tunnels from a public endpoint i.e., an internet, to a locally running network service. It creates a public HTTP/HTTPS URL for a website running locally in a machine.
If you want to learn more about installing your own Ngrok server, you can find here.
Transfer the malicious link to the victim’s device and wait for the victim to click on the link. Here I have emailed the link to the victim’s mobile device.
Once the victim clicks on the link, it will redirect to the fake page and will give pop-up message to allow for webcam.
When the victim allows the webcam, nothing will happen other than the webcam clicking images every other second. But If a victim is smart enough, then from notification, he will recognize that link is using a webcam for malicious purpose.
The webcam will take images as long as the victim will stay on that webpage. But as soon as the victim closes the webpage, the connection will break, and all the taken images save in an image folder of Storm-beaker.
Should we fear hackers? Intention is at the heart of this discussion.
Kevin Mitnick
Industrial Cybersecurity
September 28, 2023
Want always be up to date?
By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.
Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings
Gone are the days when phones were only used to make phone calls and send text messages; nowadays, smartphones are more akin to a pocket-sized
Can random characters in your code get you in trouble? They certainly can! Today, we are going to discuss CRLF injections and improper neutralization of
There is software available, like Metasploit, to gain remote access to any android phone. But other than that, we have the L3MON tool (A Cloud-based
Want always be up to date?
By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.
Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings
