Notorious vulnerabilities found on Ring smart cameras made them a prime target for hackers in 2019. Footage extracted from the cameras targeted at the time of the attack are available online, in which we can see the room and its inhabitants “in conversation with” the hacker through the built-in speakers. One of them shows a little girl in her room, and the hacker telling her to “do what she wants”, “break her TV” or “mess up her room” through the camera.
These videos are streamed live on NulledCast, a forum which provides its users with “45 minutes of entertainment” by encouraging hackers to penetrate random Nest and Ring devices. Following these attacks, Ring issued a press release detailing the “credential stuffing” method used by hackers, which consists of exploiting passwords and usernames from previous data leaks that are sold by attackers. To guarantee more security, users are vividly encouraged to create single-use credentials for various authentication, and to use the two-factor authentication available on Ring cameras.