Saturday, December 9, 2023

A Ransomware Gang Claims to Have Hacked the Security Camera Company Amazon Ring

There has been a recent cyber attack on Amazon’s popular security camera company, Ring, which was attributed to a ransomware group ALPHV that uses the BlackCat malware

This group has now claimed responsibility for the attack and is now threatening to leak the data from the company.

There are at least two thousand police departments around the country that have partnered with Amazon to make sharing footage with law enforcement as easy as possible for their users.

It is no secret that the cameras and the footage they take, often posted online, have become so popular. In response, Amazon launched a television show called “Ring Nation,” which is a variety show around Ring cameras that includes mostly bloopers recorded by the cameras.

It is important to note that after the news of the data breach broke out, in a statement issued to Motherboard, Ring said it did not have evidence that any of its systems had been compromised but that a third-party vendor had been infected with ransomware.

A Ransomware Gang Claims to Have Hacked Ring

As part of the attack, ALPHV raised the alarm, saying that its malware, BlackCat, had been used to carry out the attack. Affiliate groups of victims who refuse to pay the ransom have access to a searchable database created by the BlackCat malware authors.

ALPHV has a dedicated “leak site,” as do many other groups of this kind, where its members selectively release data they have stolen during an attack. This week, ALPHV posted a message on its page for Ring that states:- 

“There’s always the option to let us leak your data…” 

But after the post, the threat actors have not posted anything about it.

No Customer Data Has Been Affected

The fact that companies initially deny that a hack has compromised customer data is not uncommon, but in reality, the data has been compromised due to a security breach.

A privacy and security practice of Ring has drawn controversy in the past since third parties are used to collect and share information about its users and its own privacy practices.

Although Ring claims that it prioritizes the security and privacy of its customers, we have seen numerous instances where these claims have failed to live up to the claims and have resulted in harming the customers and community members who use Ring.

As of now, Ring has not confirmed whether or not the hackers were able to access any of its users’ data, so there is not yet any guidance for Ring users on how to deal with the situation.

Almost all Ring doorbells and security cameras are compatible with E2EE (end-to-end) encryption, which is available in most regions. Therefore, neither any government entity, hackers, nor even its parent company, Amazon, will be able to access the footage that has been uploaded.

Network Security Checklist – Download Free E-Book

Related Read

Website

Latest articles

WordPress POP Chain Flaw Exposes Over 800M+ Websites to Attack

A critical remote code execution vulnerability has been patched as part of the Wordpress...

Russian Star Blizzard New Evasion Techniques to Hijack Email Accounts

Hackers target email accounts because they contain valuable personal and financial information. Successful email...

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles