At approximately 2200 EST, moderators on a popular ransomware telegram page began posting claims that BlackCat (also known as AlphaV, AlphaVM, ALPHV, ALPHV-ng, or Noberus)had successfully exploited Amazon Ring, the popular home security system. The post is below:
Amazon has not yet commented on this claim. However, the company was plagued with a critical vulnerability last August.
The vulnerability was discovered by Atlanta-based app security firm Checkmarx while assessing the Ring doorbell app for Android. The flaw could expose sensitive user data, including the following:
- Address
- Full name
- Geolocation
- Email address
- Phone number
Although Amazon quickly fixed the vulnerability in the same month when it was discovered, the details of it were only shared on August 18th by Checkmarx.
While it is not currently clear if this claimed exploitation deals with last year’s vulnerability, the impacts could be significant.
BlackCat is a relative newcomer to the ransomware scene but quickly gained notoriety during its first active months. Discovered in November 2021, the group was feared for its sophistication. Experts and researchers believe the group may be associated with other advanced-persistent threat (APT) groups like Conti, DarkSide, Revil, and BlackMatter.
