The hacker, from the Rhineland area, is suspected of having infected computers with a program enabling him to manipulate webcams, a spokesman for the Aachen state prosecutor confirmed on Friday.
Thomas Floß from the association of data protection advisors, discovered the case, according to a report in the Westfalenblatt newspaper. He often visits schools to talk with children about data protection and sensible behaviour on the internet.
His presentation includes a video showing how children can be spied on via their webcam.
“I want to show how dangerous webcams are,” he said. “I became suspicious when from February, increasing numbers of girls expressed the suspicion this was happening to them.”
Two girls told him the little lights on their webcams were not going out when they had finished using them. On examining one of the computers Floß discovered a so-called Trojan computer program which was being used to control the equipment, and which had been spread via the chat service ICQ.
The hacker had allegedly broken into the chat service account of one schoolgirl, and used it to choose which others he wanted to spy upon, and send the Trojan to their computers.
He was traced to the Aachen region and arrested – when police officers arrived at his home they found several live feeds to bedroom cameras running on his computer, the Westfalenblatt reported.
Floß said he believed many more people were doing the same thing. “I have visited 50 to 60 schools, and every time at least one schoolgirl tells me they have such a problem [with webcams not switching off],” he said.
He told the paper one should be careful to note whether a computer continues to run when it is no longer being used.