Online Forum Members Exploited Weak Credentials to Turn Ring Cameras Against Their Owners

upstart writes:

Submitted via IRC for chromas

Online Forum Members Exploited Weak Credentials To Turn Ring Cameras Against Their Owners

To add to all the bad news that is Ring camera's lifecycle to this point comes the report that a group of malcontents has been exploiting default/weak credentials to gain access to cameras. Joseph Cox has the this-would-be-funny-if-it-weren't-so-scary details at Motherboard.

Hackers have created dedicated software for breaking into Ring security cameras, according to posts on hacking forums reviewed by Motherboard. The camera company is owned by Amazon, which has hundreds of partnerships with police departments around the country.

[...] There's not much actual hacking going on. What appears to be happening is purchasers aren't choosing unique passwords when they set up their cameras. They also aren't using the two-factor authentication Ring recommends.

There are enough cameras out there (and more being installed every day), there's an entire forum set up just for the hijacking of Ring cameras/doorbells. Forum members are selling exploit tools to each other which allow these jackasses to brute force Ring devices using credentials (usernames/email addresses and passwords) found elsewhere on the web.

The popular exploitables have even spawned a podcast featuring unsuspecting device owners being trolled by jerks who have gained access to Ring and Nest cameras. This is what's in store for device owners who haven't properly secured their new purchases.

Original Submission

Read more of this story at SoylentNews.