Police Nab Creator of Webcam Trojan

Spanish police have arrested a man suspected of creating a Trojan horse software program capable of making secret recordings of Internet users through their Webcams and stealing confidential information.

The 37-year-old suspect is a computer programmer from Madrid identified by the initials J.A.S. Spanish Civil Guard units caught the man spying on various Net users through their Webcams when they surprised him in his home this week during an operation dubbed "Tic-Tac," they say.

The man is alleged to have created a Trojan horse program distributed through peer-to-peer file sharing networks, like Kazaa. The Trojan horse can be hidden in a file for a picture or song, and once downloaded gives the hacker remote access to the victim's computer.

The hacker can install a keystroke logger that records confidential information such as banking passwords, as well as accessing personal photos and other sensitive information stored on computers. What's more, it gives the hacker the ability to operate a Webcam connected to the computer, and to view and record anything in the camera's field of vision.

Unable to Detect It?

Police characterize the Trojan horse as "highly sophisticated" and say they believe it has already infected thousands of computers in several countries. As far as they know, no commercial antivirus products are able to detect it, they say.

Because they have not identified which Trojan horse the suspect allegedly created, antivirus companies cannot say definitively whether or not they are able to detect it, says Graham Cluley, senior technology consultant for Sophos.

That said, since the Trojan horse appears to have been around for a while, he suspects that it has been seen by antivirus companies before.

It's now up to the police to share whatever information they have so users can check to see if they are infected, Cluley says.

"You could see how people would be quite disturbed by the thought of being burgled and recorded in this way," he adds.

Spanish police were made aware of the Trojan horse in July when a resident in the city of Alicante contacted the Civil Guard through its Web site to report a computer problem, police say. They then launched Operation Tic-Tac, and by working with a Spanish antivirus company they were able to locate the suspect, they say.

In addition to catching him in the act of spying, police found abundant documents, recordings, and other incriminating material in his home, they say.

"We believe he is guilty. We found a mountain of evidence," a spokesperson for the Civil Guard says. The suspect is due to appear in court on Wednesday. If convicted, he could face years in jail, the spokesperson says.

Subscribe to the Security Watch Newsletter

Comments