The owners of a Ring doorbell security camera in Texas have been targeted by a bitcoin extortion attempt, which they managed to thwart simply by removing the device’s batteries to shut it off. The case, nevertheless, shows Ring security camera hackers are now demanding cryptocurrency payments.
According to a report published by WFAA, spotted by Gizmodo, 28-year-old Tania Amador revealed her Ring security system was hacked by hackers looking to cash in on their access to the device, by demanding a ransom of 50 bitcoin, equivalent to around $360,000.
Speaking to WFAA Amador stated:
I was asleep and our Ring alarm was going off like an intruder had entered our home. Then we heard a voice coming from our camera.
The voice initially started claiming to be from Ring’s support team, notifying the homeowner her account had been terminated by a hacker. It soon added that if the didn’t pay the 50 bitcoin ransom, she would be terminated as well.
The situation appeared to turn worse for Amador and her partners, as the hackers managed to make it look like they were just outside her door after compromising the security camera, adding to the pressure of the situation. Their response was to reach the device and remove its batteries.
Without their batteries, the hijacked cameras simply went off and the bitcoin extortion attempt ended. Ring has notably been at the center of a controversy after various reports pf its doorbell cameras being hacked started emerging. A report by Motherboard showed that on hacking forums, software used to hack these devices is being sold for as little as $6.
This type of software is often sold on the dark web, where vendors even list Black Friday deals to appeal to their customers. Speaking to WFAA, a home security firm claimed that these security breaches were a result of third-party data breaches that include Ring account details, and not a security flaw within Ring’s security system itself.
Update: A Ring spokesperson reached out to CryptoGlobe with a statement regarding the situation:
"Customer trust is important to us and we take the security of our devices seriously. Our security team has investigated this incident and we have no evidence of an unauthorized intrusion or compromise of Ring’s systems or network.
Recently, we were made aware of an incident where malicious actors obtained some Ring users’ account credentials (e.g., username and password) from a separate, external, non-Ring service and reused them to log in to some Ring accounts. Unfortunately, when the same username and password is reused on multiple services, it’s possible for bad actors to gain access to many accounts.
Upon learning of the incident, we took appropriate actions to promptly block bad actors from known affected Ring accounts and affected users have been contacted. Consumers should always practice good password hygiene and we encourage Ring customers to change their passwords and enable two-factor authentication."
Featured image via Unsplash.