Jacob Mutisi

You can be next…Cybercrime is here to stay

By Engineer Jacob Kudzayi Mutisi

There has been a lot of questions on how former Vice President Cde Kembo Mohadi got his phone hacked and how the recordings were acquired. That can happen to anyone in these times of technology use. In Zimbabwe technology is our way of life.

Like everything, technology has its positives and negatives. Hackers have devised a way to blackmail ordinary citizens by switching on the camera on a smartphone or a computer and taking control of the machine without the owner’s knowledge.

This is done using Remote Administration Tools (RATs) also called Remote Administration Trojan (RATs) or remote access Trojans (RATs) – an aggressive form of malware that allows a hacker to access a victim’s entire computer. RATs were first created to prank friends. Today, they are cheaply available and used by everyone from cybercriminals to espionage groups to take control of computers and systems remotely.

In the early days of the internet, it was common for tech-savvy kids to scare their friends by controlling their Personal Computers remotely. They would eject the CD tray, swap the mouse buttons, or change the desktop colours. To the unwitting user, it looked like a ghost was taking over the machine.

This was the birth of Remote Access Trojans (RATs) – malicious software that allows an attacker to gain unauthorised access to a victim’s computer over the internet. RATs are typically installed without the user’s consent and remain hidden to avoid detection.

To attack, the malware is often sent to you as an email attachment on or WhatsApp (as text, video, or a song), Facebook, Snapchat, Instagram, Twitter, LinkedIn, Viber masquerading as something else (see the email below).

On email, most hackers use an Adobe Reader 9 (PDF) which over 60% of computer users still use and they use it to exploit and open a root-kit on the owner’s computer. The hacker then alters the PDF file remotely using a program and activates malicious files and they now have total control of the device remotely.

Once a user opens this PDF file, the hacker can then:
• Access both the front and the back camera.
• Capture past or live audio and videos.
• Record you at any time the app is in the foreground.
• Install whatever software/app they like on the device.
• Can grab your username and passwords.
• Steal documents from the device.
• Livestream the camera onto the internet.
• Take pictures and stream videos from the device camera.
• Upload incriminating images/documents to your device and notify the police.

One should get worried because the cumulative effect is a gross breach of privacy, without the device owner’s knowledge. Just think of where your computer or smartphone camera is positioned, and what someone might see if they watched you constantly, your bedroom antics, perhaps, or your daily nude stroll around the house. They might even see you take your device to the toilet with you.

To protect yourself against these hackers please always make sure you cover your device camera with tape or a sticker. Always plug out your microphone when you are not using it. The truth is you never know who is watching you or what is happening in the background on your device.

Protect yourself from blackmail. Hackers do these things for fun. If you need any further information do not hesitate to contact me on 0772278161 or chair@zict.org.zw

Engineer Jacob Kudzayi Mutisi
Chairman of the ICT Divison of Zimbabwe Institution Engineers (ZIE), Registered practising Engineer with the Engineering Council of Zimbabwe (ECZ), Member of the Institution of Engineering and Technology (IET), and a Councillor with the Institute of Directors Zimbabwe (IODZ).