This one scares me. Click jacking essentially is where various vulnerabilities in browser, OS and the Flash player allow a malicious user to use your camera and microphone without your knowledge. There are many variations on it, but today Adobe released an advisory statement on the implications within the Flash player, and now the beans are officially spilled.
I first read about it via Jeremiah Grossman’s blog, and then quickly thereafter on ha.ckers.org. The definitive proof of concept can be found at guya.net, and all things considered I actually have a Post It note over my camera at the moment.
Even more terrifying is what a hacker would have seen and heard coming from my office this morning. I’ll spare you the visuals, but it would have sounded like “Meow, meow, meow, meeeeeeoooowwwwwww!” and then “who’s a frisky girl… who’s a frisky girl”, followed by my cat making a nice big scratch under my eye…