Two men have been accused of hacking into Ring doorbells and using their cameras to livestream swatting attacks, according to the Department of Justice. Kya Christian Nelson, 21, James Thomas Andrew McCarty, 20, and unnamed others allegedly spent a week using stolen Yahoo email addresses and passwords to access video from a dozen security systems before calling the police to each residence, according to the indictment, which you can read below.
The DOJ says the scheme worked like this: the alleged perpetrators would get the info for the Yahoo accounts and then figure out if the owner also had a Ring account. If they did, Nelson, McCarty, and the others would allegedly “gather information” about the people before calling the police on them, telling dispatchers things like they were children whose drunk parents were shooting guns in the house or that someone was being held hostage.
“We bruteforce n****s ring doorbells and we swat them”
According to the press release, the purported victims lived all over the US, in Michigan, California, Montana, Georgia, Texas, Illinois, Alabama, and Florida. Nelson, who is already in jail after pleading guilty to calling in shooting and bomb threats to a Kentucky high school, is being charged with aggravated identity theft as well as unauthorized access of a computer. Both he and McCarty, who the DOJ says was arrested last week, are also being charged with “conspiracy to intentionally access computers without authorization.”
The indictment doesn’t go into much detail about how the police responded in most cases, but it accuses the men of using the Rings to taunt police officers when they showed up. (Many Ring devices have speakers that are meant to let owners communicate with whoever’s at their door.) It also doesn’t mention which social media platforms Nelson and McCarty allegedly used to “transmit the audio and video” captured by Ring cams during the police responses.
It does, however, have details about a case in North Port, Florida. According to news reports from local outlets and Vice that appear to be about the incident mentioned in the indictment, the call led to a school being locked down. The indictment alleges that McCarty bragged about the swatting on unnamed social media platforms, saying “we bruteforce n****s ring doorbells and we swat them after … Its f****g funny” and posting a link to articles about the police response, saying that he had “made the news.”
Ring and its parent company Amazon have a long history of providing data to the police, and it’s not necessarily surprising that they were targeted by criminals as well. While the doorbells weren’t absolutely necessary for the swatting, they gave the criminals a way to watch it happen in real time.
That’s part of the reason why streamers are frequent targets — the perpetrators can see police burst in with guns drawn. Of course, that last part is why swatting isn’t a harmless prank; police have killed innocent people while responding to those sorts of calls, and even nonfatal incidents can leave victims traumatized.
Source: https://news.google.com/__i/rss/rd/articles/CBMiV2h0dHBzOi8vd3d3LnRoZXZlcmdlLmNvbS8yMDIyLzEyLzIwLzIzNTE3OTczL3JpbmctZG9vcmJlbGxzLXN3YXR0aW5nLXlhaG9vLWVtYWlsLWFycmVzdNIBAA?oc=5
