Connect with us

Hi, what are you looking for?


Amazon Ring may have exposed some users’ Wi-Fi passwords to hackers

An Amazon Ring vulnerability may have given hackers access to some users’ Wi-Fi passwords, according to a report by cybersecurity researchers. 

Researchers at Bitdefender discovered an issue back in June, which allowed anyone close enough to a Ring device to intercept the Amazon-branded doorbell and snatch private Wi-Fi network credentials.

Read our review of the Ring Video Doorbell 2

Hackers could then use this information to gain access to the network and launch larger attacks, conduct surveillance or use the password to access other devices with the same login details.

The vulnerability affects the configuration and reconfiguration process used to set up or repair Ring devices, as this is when they require a wireless connection to join the local network.

“When first configuring the device, the smartphone app must send the wireless network credentials,” explained Bitdefender in its report. “This takes place in an unsecure manner, through an unprotected access point.”

Once the network is up, the app connects to it automatically, queries the device and sends the credentials to the local network all in plain HTTP text. The unencrypted connection could allow any nearby eavesdroppers to access the user’s home network credentials.

Hackers aware of the vulnerability can even use this knowledge to orchestrate an attack by prompting the user to reconfigure their device.

“The attacker must trick the user into believing that the device is malfunctioning so the user reconfigures it,” warned Bitdefender. “One way to do this is to continuously send deauthentication messages, so that the device is dropped from the wireless network.”

READ  The 5 Best Ultrawide Monitors for All Budgets in 2019

Read our review of the Ring Video Doorbell Pro

The user will be unable to receive notifications or reach the remote servers to view their live view feed, eventually being forced to reconfigure the device by leaving and joining the network again, allowing the attacker to intercept and grab their home network credentials.

Thankfully Amazon resolved the issue in September, though the issue was only disclosed to Ring users this week.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


YouTube is one of the huge platforms to watch and share videos of any type. Frequently times, you stumble upon a video which you...


Extratorrent, the most popular torrent site due to its huge database of torrent content. You can find and download here every type of torrent...


For some people, an antivirus app is worthless for their Android device. Common sense is more than enough to protect your phone from all...


Stage 1: Gather your Materials and Resources For this project, you will need the following Tools: Hand drill (i love my dewalt) and bits...