A wave of Ring security intrusions reported in the past few days have been traced back to a podcast called NulledCast in which hackers gain access to exposed Ring security cameras and then livestream everything in real-time.
According to an ArsTechnica report, the livestream was hosted on Discord servers until Discord removed it. The podcast is also linked to a forum called Nulled, which hosts various tools needed to access the Ring cameras remotely.
Amazon says it suffered no breaches, but that’s not the only way compromised credentials are leaked. Many people use the same user name and passwords for various services, and they might not have the slightest idea their credentials were already leaked in a different incident.
One of the creepiest incidents involving a Ring security camera recently came when someone remotely connected to a device and talked to an eight-year-old girl, asking her if she believes in Santa and if she wants to be his friend. The parents disconnected their recently purchased camera altogether.
A Motherboard investigation tracked some of the activity related to the podcast and the Nulled forum before Discord banned it.
“Sit back and relax to over 45 minutes of entertainment. Join us as we go on completely random tangents such as; Ring & Nest Trolling, telling shelter owners we killed a kitten, Nulled drama, and more ridiculous topics. Be sure to join our Discord to watch the shows live,” stated one of the ads running on the forum.
For now, it’s unclear what tools or apps were sold on the forum for Ring security camera access, so it’s impossible to say if they were using an undiscovered vulnerability. Just a couple of weeks ago, Bitdefender revealed that the Ring doorbell could have been hacked in a way that allowed the attacker to find out the Wi-Fi password.
If you have a Ring security camera, it’s a good idea to choose another password and enable a two-factor authentication solution.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsNovember 14, 2024
September 06, 2024