We stand with Ukraine to help keep people safe. Join us

Tags Spying Malware

How to Tell if Your Laptop Camera Has Been Hacked

In 2020, a cybersecurity researcher found a macOS vulnerability allows scammers to hack a victim’s webcam if they clicked on a single malicious link. The webcam hacking vulnerability was eliminated, but cybercriminals may have found threatening new methods. You’ll learn how to tell if your laptop camera is hacked. Keep in mind that if your laptop camera was hacked, the spy may have placed spy cams, too. Use Clario Anti Spy’s Spy cam detector.

Get Clario

Get it for iOS, Android

Table of contents

How to know if your Mac webcam is hacked?

There are several ways to tell if your laptop camera is hacked. First, you should check if your webcam indicator lights up randomly. Second, inspect your Mac for videos and pictures you don’t remember taking. Finally, observe sudden spikes in network traffic. Read more on these and other signs of webcam traffic below.

Expert note

A Mac webcam may be hacked if the camera activates unexpectedly, you find photos or videos you didn’t create, or your network shows unusual outbound activity that could indicate a live video feed being transmitted. Because single signs can have harmless causes, it’s best to check multiple indicators before assuming your camera has been compromised.

The webcam indicator light randomly turns on

If your Mac webcam is being accessed without your permission, the most visible clue is the camera indicator light turning on at unexpected times. If your Mac’s webcam indicator light is on, the webcam is also on. Therefore, you should be on high alert as soon as your camera lights up or flickers on its own. Sure, it can be a software or hardware malfunction, but it is more likely to be your laptop camera being hacked.  

 

Can a MacBook camera be on without light? Apple assures its customers that the FaceTime HD camera cannot be used without enabling the indicator light. However, cybercriminals are constantly finding software vulnerabilities and overcoming security safeguards, making it essential for users to watch out for other signs of webcam hacking.

Quick note

On Mac laptops, Apple designs the camera so it can’t capture video without the indicator light turning on. That said, attackers may still try to exploit software to trigger legitimate camera access, so it’s important to watch for other signals of compromise—like unknown media files or suspicious network activity.

Suspicious videos and pictures in the webcam folder  

Another common sign of webcam compromise is discovering media files you don’t recognize in places where webcam recordings are typically stored. If you come across videos you haven’t recorded or pictures you haven’t taken, chances are your webcam is hacked. The likeliest location of the suspicious media files is the Photo Booth Library. Here’s how to check it:

  1. In the Finder menu, select Go and click Go to Folder.
  2. Enter the following path and click Go: ~/Pictures/Photo Booth Library/Pictures.
  3. Click the Photos Library folder.
  4. Click the Photos Library folder and look for any suspicious videos or pictures.
Finder menu open on Mac with the Go dropdown expanded and Go to Folder option selected to access system folders.
Step 1. In the Finder menu, select Go and click Go to Folder
Mac Go to Folder window with the path ~/Pictures/Photo Booth Library/Pictures entered to locate webcam photos and videos.
Step 2. Enter the following path and click Go:~/Pictures/Photo Booth Library/Pictures
Mac Finder window showing the Photos Library folder selected inside the Pictures directory to review stored webcam images and videos.
Step 3. Click the Photos Library folder.
Mac Finder window displaying the Photos Library contents with image and video files visible for review of potentially suspicious webcam recordings.
Step 4. Open the Photos Library folder and carefully review its contents for any videos or pictures you don’t remember taking.

Note that cybercriminals can store pictures and videos in random folders on your Mac. Thus, the lack of suspicious media materials in the Photos Library folder does not necessarily mean your device is safe from hackers.  

Note

Сybercriminals can store pictures and videos in random folders on your Mac. Thus, the lack of suspicious media materials in the Photos Library folder does not necessarily mean your device is safe from hackers.

Check for Suspicious Browser Extensions

Browser extensions can request permissions, inject scripts, or redirect you to malicious sites—so it’s worth auditing what’s installed.

  • Remove extensions you don’t recognize or no longer use
  • Pay attention to extensions that request broad permissions (especially camera-related prompts)
  • Restart the browser after removing anything suspicious

Sudden spikes in network traffic  

If your network traffic randomly skyrockets, somebody might be transmitting your web camera’s feed over the internet. To check your network traffic, follow these steps:

  1. In the Applications folder, click Utilities.
  2. Launch Activity Monitor and click the Network tab.
  3. Look for activities with suspiciously high network usage.
Mac Applications folder open with the Utilities folder selected to access system tools like Activity Monitor.
Step 1. Open the Applications folder and click Utilities
Activity Monitor open on a Mac with the Network tab selected to monitor real-time network usage and identify suspicious processes.
Step 2. Launch Activity Monitor and click the Network tab

How “suspicious” app can look like in Activity Monitor (Network tab):

  • Unknown or oddly named processes with consistently high Sent Bytes
  • High outbound traffic when you’re not video calling, uploading, or backing up
  • Repeated spikes that occur at the same time each day
  • A process that reappears after you quit it

Note

High network traffic doesn’t automatically mean your webcam is hacked. Large uploads (cloud backups), macOS updates, syncing photos, or streaming can also cause spikes—so treat this as a supporting signal, not proof on its own.

If someone has hacked your laptop (or tried to), they might also try installing hidden cameras to watch you. Luckily, Clario Anti Spy can help you uncover these secretive spy cameras so that you can maintain your privacy.

 

Here’s how to use Clario Anti Spy’s Spy cam detector:

  1. Launch Clario Anti Spy, log in or create an account, and then locate the Spy cam detector option on the homescreen.
  2. Press Scan and wait for the app to check your network for suspicious devices.
  3. Check the list of devices for anything suspicious. If you notice a spy camera, remove it from your network immediately.
When your webcam's hacked, someone is probably using it as a hidden spy camera. To uncover spy cameras in your house, open Clario Anti Spy and press Scan under Spy cam detector.
Steps 1-3: Open Clario Anti Spy, press Scan beneath Spy cam detector, then wait for the results.

Webcam doesn’t work

Either your webcam simply malfunctions or it has been hijacked by cybercriminals. To check if your webcam is working, make a FaceTime call or take a picture in the Photo Booth app.  

An extortion note

After hacking your Mac’s camera, cybercriminals might email you an extortion note or leave one on your device. Usually, they demand a payment in exchange for not exposing recorded photos and videos.  

 

Before paying up, ask yourself: “Is my camera really hacked?” You need to pause and think for a moment before responding or transferring any money. Cybercriminals often trick people into believing they have been spied on even without hacking their camera.

Common Ways Mac Webcams Get Compromised

Most webcam takeovers happen after malware or unwanted software gains a foothold on the system. These are common routes attackers use to get there:

  • Malicious browser extensions that request camera permissions or inject scripts
  • Trojanized downloads (fake apps, “cracked” software, or bundled installers)
  • Remote Access Trojans (RATs) that let an attacker control the Mac remotely
  • Phishing emails that trick you into installing a “viewer,” “update,” or “security tool”
  • Exploited software vulnerabilities when macOS or apps are outdated

Definition

A Remote Access Trojan (RAT) is malware that gives an attacker remote control of your device—often including access to the camera, microphone, and files.

How to protect a webcam from being hacked?

Camfecting or webcam hacking can result in a serious violation of your privacy. After a successful breach, cybercriminals can record your most private moments and release them online. They can also demand money for destroying the recordings, which might not happen even if you cave in and pay the ransom.  

Definition

Camfecting means gaining unauthorized access to a device’s webcam so it can be turned on remotely to record or monitor someone without consent.

Here’s how to protect your Mac webcam from hacking.

Cover your webcam

A piece of tape would do. If you want a more elegant solution, consider using webcam covers specifically designed for laptops. Even if a hacker manages to access your Mac’s camera, they still won’t see a thing.

Pro tip

If you use a physical webcam cover, choose a low-profile design so the laptop lid closes cleanly—thicker covers can put pressure on the screen over time.

Restrict camera access in Screen Time  

Use Screen Time to restrict camera access for some or all apps. By doing so, you can reduce your exposure to hacks via rogue apps or native Apple apps with security vulnerabilities. Here’s how to do it:

  1. In the Settings, open Screen Time.
  2. Click Turn On.
  3. In the Content & Privacy section, click Apps.
Mac System Settings window with Screen Time selected in the sidebar to manage privacy and app access controls.
Step 1. In System Settings, click Screen Time
Mac Screen Time settings window showing the Turn On button selected to activate usage and privacy controls.
Step 2. Click Turn On to enable Screen Time
Mac Screen Time settings displaying the Content & Privacy section with the Apps option selected to manage app permissions.
Step 3. In the Content & Privacy section, click Apps

Can hackers access your phone camera?

Yes. There are many strains of spyware capable of hacking your iPhone’s camera. A case in point is Pegasus, which is a malware capable of — Attention! — hacking your phone’s camera without you clicking a single link.

 

Once installed, Pegasus can record video and audio, collect iPhone usage data and transmit it to hackers. Due to the overwhelming popularity of Pegasus among hackers and intelligence agencies, its developer collected $240 million in revenue in 2020 alone.  

 

The bottom line is phones are an easy target for cybercriminals. And no matter how cautious you are, your phone’s camera can be turned into a surveillance device.  

Parting thoughts

Hopefully, our advice has helped to protect your private life and keep it away from the prying eyes of cybercriminals. Unfortunately, it’s becoming easier than ever for hackers, scammers, and stalkers to track your activities. Once you’ve secured your laptop, use Clario Anti Spy’s Spy cam detector to check for other hidden or hacked cameras on your network.

 

Keep Reading

Keep reading

How to Stop Virus Warning Pop-ups on Android

Android Security

How to Stop Virus Warning Pop-ups on Android
Why is My Phone Overheating?

Android Security

Why is My Phone Overheating?
How To Remove a Browser Hijacker From an Android Phone

Android Security

How To Remove a Browser Hijacker From an Android Phone

Are spies watching you? Use Clario Anti Spy to find hidden cameras.

Get started