Connect with us

Gadgets

Your Ring doorbell was vulnerable to being spied on….again

Amazon has already patched this vulnerability, so make sure you update your app,

ring video doorbell on a door
Image: Ring

Let me preface this by saying that no, your Ring doorbell isn’t vulnerable to this hack anymore as Amazon has patched it out, thankfully. Bu to be on the safe side, go and make sure your app is up-to-date and go about your day. If you want to know what the vulnerability contained, read on.

Buying any device marketed on its security features should mean you can trust that device to have a certain level of security. As we’ve often seen in the past, that isn’t always the case. This latest vulnerability in a smart home security device is via the Ring doorbell, which allows an attacker either look through your video feed or replace it entirely. Yes, just like in the movies.

Security researchers at Internet of Things (IoT) security firm Dojo by BullGuard showed off the hack in real-time while on stage at MWC in Barcelona this week. The hack is a little more involved than how easy it appears to subvert video feeds in spy movies, but it’s similar in principle:

  • Hacker gains access to the Wi-Fi network the Ring user is on, through a variety of means including guessing the password, breaking the encryption or pivoting from another IoT device on the same network
  • Once connected, the attacker can view the video and audio feeds between the Ring device and the Ring app, which is unencrypted when being transmitted
  • The attacker could also send their own video footage to the user’s app, making it appear that a trusted person is approaching the door to trick the user into unlocking their door.

Like I said to begin with if you’re a Ring owner – you don’t currently have to worry about this vulnerability as Amazon has patched it in the latest version of the Ring app. It was patched before the researchers took to the stage to show off the hack.

If you regularly keep your apps updated, you’re already protected. If not, go and update the app from your app store.

After publication, a Ring spokesperson contacted us with the following statement:

Customer trust is important to us and we take the security of our devices seriously. The issue in the Ring app was previously fixed and we always encourage customers to update their apps and phone operating systems to the latest versions.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Gadgets