© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Two held over digital camera police prank

Digital cameras made by tech company Ring have been implicated in an armed police prank-calling case that has seen two men charged with going on a “swatting spree” involving at least a dozen victims, according to the US Department of Justice (DoJ).

The charges, brought by a federal court in California against Kya Nelson, of Wisconsin, and James McCarty, of North Carolina, are also bad news for the smart camera manufacturer’s owner Amazon: cameras made by Ring were implicated in a recent case that nearly resulted in an innocent woman being shot.

Nelson, 21, and McCarty, 20, stand accused of hacking into a dozen Ring home security devices across the country, placing bogus emergency phone calls to provoke an armed police response – hence the term “swatting” – before livestreaming the resulting standoffs on social media while taunting officers despatched to the scene.

If convicted, the pair face up to five years in prison for hijacking the digital devices, with another possible two-year stretch for aggravated identity theft.

The anarchic, and potentially lethal, escapade lasted for barely more than a week in November 2020 but was widespread, covering states as far apart as Texas, Illinois, and Montana. That prompted the Federal Bureau of Investigation (FBI) to issue a public warning urging smart home camera users to adopt complex passwords and two-factor authentication to help safeguard themselves.

The DoJ alleges that Nelson and McCarty “gained access to home security door cameras sold by Ring LLC, a home security technology company,” and illicitly acquired username and password details for associated Yahoo email accounts belonging to victims.

“Then they allegedly determined whether the owner of each compromised Yahoo account also had a Ring account using the same email address and password that could control associated internet-connected Ring doorbell camera devices,” added the DoJ. “Using that information, they identified and gathered additional information about their victims.”

Nelson and McCarty are also accused of making false emergency calls to local police in areas where the victims lived, “to elicit an emergency police response to the victim’s residence” before hacking into Ring devices to transmit audio and video footage from them to social media during the response incidents.

In one such case in California, the accused allegedly hacked into Yahoo and Ring accounts belonging to a victim so they could pretend to be children who felt threatened in the presence of drunken, gun-toting parents.

“A hoax telephone call was placed to West Covina police purporting to originate from the victim’s residence and posing as a child reporting her parents drinking and shooting guns inside the residence,” said the DoJ.

The case was brought by the FBI and is being prosecuted by the department’s Cyber and Intellectual Property Crimes Section.

Ring said it helped the Bureau to identify the suspects and insists that the credentials they stole were not obtained from a breach of its own defenses, but a third party.

“We learned bad actors used stolen customer email credentials obtained from external non-Ring services to access other accounts, and took immediate steps to help those customers secure their Ring accounts,” said the company.

“We take the security of our customers extremely seriously: that’s why we made two-step verification mandatory, conduct regular scans for Ring passwords compromised in non-Ring breaches, and continually invest in new security protections to harden our systems,” it added.

More from Cybernews:

Epic Games to pay $520m over child privacy

Scammers steal huge shipments from US food suppliers, American agencies warn

Taiwan investigates TikTok for illegally operating a subsidiary

Google enables beta data-encrypting feature

Musk asked Twitter if he should remain CEO: poll asks him to step down

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked