Alphv, a cyber gang responsible for the Blackcat ransomware, has claimed to have hacked into Amazon subsidiary Ring, a seller of smart home and IoT security products, including surveillance cameras. While there is no concrete evidence to support these claims, Alphv’s recent history of publishing nude photos of breast cancer patients after breaking into a healthcare network indicates their lack of scruples. Alphv has made the announcement of the burglary on the Darknet, leaving few details about what they were able to access or which systems they had penetrated.
Attacks on Amazon’s Ring devices have been frequent since the end of 2019, with criminals trading device account credentials on underground forums and offering tools for automated credential stuffing to try to gain access to data. Since Amazon advertises the security products of its subsidiary so massively, these products have become widespread. To protect against these attacks, users of Ring products should ensure they have a strong password and activate multi-factor authentication.
It remains unclear what Alphv had access to when they hacked into Ring but their words in the Darknet announcement suggest they may have access to all camera streams and photos. For now, one potential solution is to take Ring products offline until there is more information on what the hackers were able to access.
