Gandalf_The_Grey

Level 36
Verified
Trusted
Content Creator
In a series of hacks targeting Ring camera devices, attackers are terrifying homeowners and making them feel violated in their own homes after taunting them or speaking to their children over the device's speakers.

On December 12th, numerous media outlets reported that homeowner's Ring devices were being hacked and used to talk to people in their homes while they are making dinner, having breakfast, or playing in their rooms.

Read the rest of the story here:

Statement from Ring:
"Recently, we were made aware of an incident where malicious actors obtained some Ring users’ account credentials (e.g., username and password) from a separate, external, non-Ring service and reused them to log into some Ring accounts. Unfortunately, when people reuse the same username and password on multiple services, it’s possible for bad actors to gain access to many accounts."
If you have questions or need assistance turning on two-factor authentication or changing your password, please contact help@ring.com.
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
I saw yesterday one of the those videos where a real douche bag thought it was funny taunting a poor innocent kid. I'm Santa. No, you're an idiot that deserves serious long time behind bars. Maybe then he can contemplate on his own actions here in life and hopefully understand some things one simply don't do. Especially against kids.
 

Threadripper

Level 8
Most of these are the user's fault because they reuse passwords and don't use 2FA, rather than exploits being found in the actual devices. Basic, common sense security aside... why would you put a camera like this in your house, let alone an 8 year old's bedroom? I don't expect most people to understand what a LAN is and to look for camera equipment which is local, but this is common sense...
 

plat1098

Level 22
Verified
More like "I'm Satan." That's an anagram of Santa. Sometimes, it can take a nasty, bucket-of-ice-water-in-your-face incident like that to get one to beef things up in the security dept. It did for me.

In jail, there are cameras trained on you 24/7 (I hope) and disembodied voices thru speakers. The hacker gets a little taste of his own medicine that way. (y)
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
Most of these are the user's fault because they reuse passwords and don't use 2FA, rather than exploits being found in the actual devices. Basic, common sense security aside... why would you put a camera like this in your house, let alone an 8 year old's bedroom? I don't expect most people to understand what a LAN is and to look for camera equipment which is local, but this is common sense...
I partially agree with you but, I rather blame these companies/vendors and especially the developers that create, advertise, propagate and then sell products with poor and weak code to begin with. Still, and extra specially in child attack cases, I will always always put the first and foremost blame on the coward child attacker. 😤

Why does anyone put cameras in their own home nowadays one obvious could ask. Why does people put cameras in doghouses for example. Because it's possible. Dosen't automatic makes it correct and right in every single case. These companies thrives on peoples fear so I would guess that's a very common reason. But, it's not like the " hackers " accidentally stumbled over these streams and just started to talk out of pure curiosity and wanted to help these people. They themselves 100% actively and knowingly took the decision to connect and, jumped on innocent children. Now, that's so far from anything I at least know is common sense. It's also thankfully against most countries laws.

Rings official statement I can understand for many reasons. Rings brand or actually any companies brand never ever want to be associated with children being attacked. That's serious counterproductive.

Ring of course also does this for legal reasons as it's a risk it could cost them even more if they did nothing. What I personal don't like with this and many other statements is the serious lack of understand and the lack of genuine empathy for those customers that been effected. The first words should always be that Ring would condemn and never ever agree with people using their products for unlawful attacks on kids. I even read the whole statement and, nope. I can't see that and I even read it twice. It mainly consist of how one should use their products the best way. That in itself ain't wrong at all but, maybe create products that enforce users to actually also use them as safe as possible would be a good start. Maybe don't make it possible to automatic talk with anyone and instead create/add an active action that first must be made from the receiving part could also perhaps be a smart idea. Etc etc. It's called development for a reason and the customers can't do that!
 
Last edited:

Threadripper

Level 8
I partially agree with you but, I rather blame these companies/vendors and especially the developers that create, advertise, propagate and then sell products with poor and weak code to begin with. Still, and extra specially in child attack cases, I will always always put the first and foremost blame on the coward child attacker. 😤

Why does anyone put cameras in their own home nowadays one obvious could ask. Why does people put cameras in doghouses for example. Because it's possible. Dosen't automatic makes it correct and right in every single case. These companies thrives on peoples fear so I would guess that's a very common reason. But, it's not like the " hackers " accidentally stumbled over these streams and just started to talk out of pure curiosity and wanted to help these people. They themselves 100% actively and knowingly took the decision to connect and, jumped on innocent children. Now, that's so far from anything I at least know is common sense. It's also thankfully against most countries laws.

Rings official statement I can understand for many reasons. Rings brand or actually any companies brand never ever want to be associated with children being attacked. That's serious counterproductive.

Ring of course also does this for legal reasons as it's a risk it could cost them even more if they did nothing. What I personal don't like with this and many other statements is the serious lack of understand and the lack of genuine empathy for those customers that been effected. The first words should always be that Ring would condemn and never ever agree with people using their products for unlawful attacks on kids. I even read the whole statement and, nope. I can't see that and I even read it twice. It mainly consist of how one should use their products the best way. That in itself ain't wrong at all but, maybe create products that enforce users to actually also use them as safe as possible would be a good start. Maybe don't make it possible to automatic talk with anyone and instead create/add an active action that first must be made from the receiving part could also perhaps be a smart idea. Etc etc. It's called development for a reason and the customers can't do that!
Of course the person to blame is the attacker, but there isn't a great deal companies can do unless they integrate HaveIBeenPwned with the sign up process and force 2FA, the latter would make LOTS of people lose their accounts. I wasn't trying to blame the parents, of course not, but attacks like these are inevitable when most people don't know what 2FA is and use one bad password. Even one good password would be no good if it was breached.
 

shmu26

Level 85
Verified
Trusted
Content Creator
I am guessing that people put cameras in the rooms of children and the elderly so they can monitor them and make sure they are safe and sound. My elderly mother has speakers in her bedroom, monitored by a caregiver, but she would probably be even safer with a camera in there.
 

Gandalf_The_Grey

Level 36
Verified
Trusted
Content Creator
How to Enable Two-Factor Authentication and Secure Your Ring Account by How-To Geek:
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
The company attributed the breaches to poor password security in the accounts hacked, and said that the users did not have two-factor authentication enabled. Ring does not require two-factor authentication on accounts, though the company said it planned to make security improvements.
 

Entreri

Level 7
Cheap IoT devices, made by Chinese company X. Lots of people have them all over the place now. Would be very easy to hack into.

The opposite end of spectrum compared to Apple products.
 
Top