Ransomware Group Claims Hack of Amazon’s Ring

A ransomware gang claims to have breached the massively popular security camera company Ring, owned by Amazon. The ransomware gang is threatening to release Ring’s data.

“There’s always an option to let us leak your data,” a message posted on the ransomware group’s website reads next to Ring’s logo. The ransomware group claiming responsibility for the attack is ALPHV, whose malware is known as BlackCat.

A screenshot of ALPHV’s listing. Image: Motherboard.

Like other ransomware groups, ALPHV goes beyond just locking a victim’s files, and has a website where it names and shames its victims in an attempt to extort them. If those targets don’t pay, ALPHV threatens to publicly release data stolen from them. ALPHV’s site stands out in that the section of its site which publishes hacked data, called “Collections,” is easier to search than some other hacking group’s sites.

Motherboard verified that a listing naming Ring is currently on ALPHV’s data dump site. The cybersecurity collective VX Underground tweeted a screenshot of the listing earlier on Monday.

It is not clear what specific types of data ALPHV may have access to, be that corporate or customer. Ring did not immediately respond to a request for comment.

Do you work at Ring? Do you know anything else about this hack? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email joseph.cox@vice.com.

ALPHV has previously leaked medical data, and hacked hospitality companies. It recently claimed an attack on an Irish university too.

In 2019, hackers on a Discord channel began hacking a series of Ring cameras all over the country by reusing credentials exposed in earlier hacks. These hackers then terrorized their victims; in Tennessee, for example, a hacker broke into the camera installed in the bedroom of three young girls and spoke through the camera’s speaker to the girls and played the song “Tiptoe Through the Tulips” to the girls. At one point, the hackers created a podcast where they broke into Ring users’ cameras live on air. 

Those incidents showed how sensitive a cloud-connected surveillance camera could be. Ring has sold millions of devices, which now are commonplace in neighborhoods around the country, where they surveil passersby and delivery drivers. Indoor cameras, meanwhile, are potentially even more sensitive because of the nature of the footage they can collect.

Amazon has partnered with at least two thousand police departments around the country to make it easy for users to share footage with law enforcement. The cameras—and the footage they take, which is often posted online—have become so popular that Amazon launched a television show called “Ring Nation,” which is a variety show made up primarily of bloopers shot by Ring cameras.

Though Ring itself was not compromised during those incidents, the hackers did leverage weaknesses in the way Ring’s default security settings were set up. Since those hacks, Ring has changed some of its security practices to make it easier and more obvious for users to check their security settings.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.

medical
delivery
devices