Tech »  Topic »  Hackers Can Secretly Access ThinkPad Webcams by Disabling LED Indicator Light

Hackers Can Secretly Access ThinkPad Webcams by Disabling LED Indicator Light


In a presentation at the POC 2024 conference, cybersecurity expert Andrey Konovalov revealed a novel method for covertly disabling the LED indicator of the ThinkPad X230’s webcam, highlighting ongoing vulnerabilities in USB-connected devices. Like many laptops, the ThinkPad X230 has a built-in webcam that connects via USB.

During his presentation, Konovalov detailed his journey of curiosity-driven experimentation with USB fuzzing—a process used to discover hidden device functions by sending unexpected inputs.

Konovalov began by setting up a bricking-resistant environment to prevent permanent damage to the webcam, as initial attempts inadvertently corrupted the device firmware.

His systematic fuzzing of vendor-specific USB requests uncovered a way to both read and modify the webcam’s firmware, a process that allowed for deeper control over webcam functionality.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Key Discoveries

The researcher discovered that the webcam’s firmware consists ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE