Webcam logger interception by CFP and GesWall

Zemana has a test application to check for web cam logging and I read that there are POCs/ trojans that can capture and transfer webcam images from a victim PC.

I have tried to add this feature via custom rules in GesWall and CIS. I am not sure how good this rule will work and what potential issues it might cause.

1- In CIS I added \Device\usb* in my protected files and it successfully blocks web cam logger, yahoo messenger,s web cam access and web cam logger trojan,s web cam access.


2- In GesWall I added a new rule in Resources:

Security Class : Confidential
Resource Type : Device
Resource Name \Device\usb

It,s intercepting Webcam logger and YAhoo messenger,s web cam access.

What can be the problems created by these custom rules, I am not sure. Anyone can suggest? I tried my USB mouse and USB memory stick and grossly did not get any troubles/ pop up alerts due to these rules.

Thanks

 

Hi,

Thank you aigle for your hints.

OA paid intercepts this logger by default



Regards,

MaB

 

Did the rule for GW interfere with printing?

 

Nice to see. Thanks

Is it added recently? I remember not long ago Mike said they are not interestred in it.

 

I don,t know really.

 

Weeks ago since early 3.1 beta if i am not wrong, aigle

MaB