A vulnerability patched recently by Amazon in the Android app for its Ring surveillance cameras exposed user data and video recordings, according to cybersecurity firm Checkmarx, whose researchers identified the flaw.
Checkmarx researchers discovered earlier this year that the official Ring Android app, which has been installed more than 10 million times from Google Play, was affected by several issues that could be chained to obtain information such as name, email address, phone number, physical address, geolocation data, and camera recordings.
The attack relies on a malicious application installed on the same Android device as the Ring camera app. Exploitation involves loading content from a malicious web page, exfiltrating an authorization token to the attacker’s server, and using the token to obtain a cookie needed to call Ring APIs. These APIs could then be abused to obtain sensitive user data and recordings.
Checkmarx made the technical details of the attack public on Thursday, along with a video describing its potential impact.
Researchers demonstrated potential impact by using Amazon’s image and video analysis service Rekognition to automate the analysis of recordings taken from Ring cameras in an effort to find sensitive data or information that could be valuable to an attacker. They showed how an attacker could find sensitive data from screens or documents, and track people’s movements in a room monitored by a Ring camera.
The vulnerability was reported to Amazon through its bug bounty program on May 1 and an Android app update that patches the flaw was released on May 27.
“We take the security of our devices and services seriously and appreciate the work of independent researchers. We issued a fix for supported Android customers back in May, soon after the researchers’ submission was processed. Based on our review, no customer information was exposed,” a Ring spokesperson told SecurityWeek.
It’s not uncommon for hackers to target Ring products, and Amazon has even faced lawsuits from customers who had their cameras hacked.
*updated with statement from Ring
Related: Ring Doorbell App for Android Sends Out Loads of User Data
Related: Smart, or Not So Smart? What the Ring Hacks Tell Us About the Future of IoT
Related: Serious Vulnerabilities Found in Firmware Used by Many IP Camera Vendors
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Siemens License Manager Vulnerabilities Allow ICS Hacking
- CISA Releases Open Source Recovery Tool for ESXiArgs Ransomware
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
Latest News
- Skybox Security Raises $50M, Hires New CEO
- Spies, Hackers, Informants: How China Snoops on the US
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Application Security Protection for the Masses
- Tor Network Under DDoS Pressure for 7 Months
- Siemens License Manager Vulnerabilities Allow ICS Hacking
- UN Experts: North Korean Hackers Stole Record Virtual Assets
