Ransomware

Ring Denies Falling Victim to Ransomware Attack

Ring says it has no indications it has fallen victim to a ransomware attack after cybergang threatens to publish supposedly stolen data.

Ionut Arghire

March 14, 2023

In response to a cybercrime group’s claims, home security firm Ring says it has no evidence that it has fallen victim to a ransomware attack.

Founded in 2013 and acquired by Amazon in 2018, Ring started with a smart doorbell and later expanded its portfolio with an alarm system and other smart home security products.

On Monday, the cybergang behind the Alphv ransomware added an entry to their leaks site claiming they breached Ring and threatening to release data supposedly stolen from the company.

The entry does not provide details on the amount or type of data that might have been compromised.

“There’s always an option to let us leak your data,” the entry reads.

Responding to a SecurityWeek inquiry, Ring denied falling victim to a ransomware attack.

“We currently have no indications that Ring has experienced a ransomware event,” Ring said.

Also tracked as BlackCat and Noberus and written in the Rust programming language, the Alphv ransomware family was first seen in November 2021, but its operators are likely linked to the previously known cybercrime ring behind the Darkside/Blackmatter ransomware.

Operating under the ransomware-as-a-service (RaaS) business model, the group typically harvests and exfiltrates data from the infected systems, and then uses it to pressure victims into paying a ransom.

In July 2022, shortly after creating a dedicated leak site to pressure one of their victims, the group created a searchable database so that employees and customers of victim organizations could search for their potentially compromised data.

In some cases, the group was also seen launching distributed denial-of-service (DDoS) attacks against victims, and harassing their customers, employees, and partners, to further pressure them into paying up. The Alphv ransomware operators have breached over 100 organizations to date.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Click to comment

Webinar: How to Build Resilience Against Emerging Cyber Threats

Thursday, March 16, 2023

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Webinar: Understanding Hidden Third-Party Identity Access Risks

Tuesday, March 28, 2023

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Tackling the Challenge of Actionable Intelligence Through Context

Making threat intelligence actionable requires more than automation; it also requires contextualization and prioritization. (Marc Solomon)

Malware Trends: What’s Old Is Still New

Many of the most successful cybercriminals are shrewd; they want good ROI, but they don’t want to have to reinvent the wheel to get it. (Derek Manky)

Are Encryption and Zero Trust Breaking Key Protections?

Compliance and ZTNA are driving encryption into every aspect of an organization’s network and enterprise and, in turn, forcing us to change how we think about protecting our environments. (Matt Wilson)

How the Best CISOs Drive Operational Resilience

Cyberattacks have exposed a myriad of vulnerabilities in our healthcare infrastructure, and will continue to do so as new and innovative medical technologies are developed. (Galina Antova)

Defeating the Deepfake Danger

Deepfakes are becoming increasingly popular with cybercriminals, and as these technologies become even easier to use, organizations must become even more vigilant. (Derek Manky)