Need a feel-good story to put you in the Christmas spirit? Turn around now: nothing good lies beyond this paragraph.
According to the California’s Justice Department, two men have been charged following a week-long spree of swatting – putting bogus calls into emergency services for an armed response – and hacking victims’ Ring doorbells so some truly abysmal examples of humanity could enjoy the fallout in real time.
James Thomas Andrew McCarty of North Carolina and Kya Christian Nelson of Wisconsin were both charged with conspiracy to access computers without authorisation, which carries a maximum sentence of five years. Nelson, who is apparently already behind bars in Kentucky for an unrelated crime, also received charges on two counts of intentionally accessing a computer without authorisation and two further charges of aggravated identity theft.
In all, the pair are accused of hacking into a number of Yahoo Mail accounts to access 12 Ring doorbell cameras in nine states back in November 2020. In one of the cases, Nelson allegedly got the police’s attention by phoning emergency services pretending to be a minor concerned about their parents drinking and firing guns.
And as if that wasn’t classy enough, the pair were also accused of using the Ring doorbell’s speaker feature to taunt both the victims of the swatting and police officers while the operating was going down. Rib-tickling.
Suffice it to say that swatting has resulted in accidental death before, and even when the prank merely results in terror, it’s traumatic for all concerned. The introduction of Ring doorbells here is especially troubling: it’s all a pretty depressing reminder that tech theoretically designed for your safety can be turned against you, given the victims seem to be targeted purely because of their easily accessible video doorbells.
The use of Yahoo Mail may not have helped either, given the service has suffered a number of password breaches in the last decade. I personally stopped using Yahoo Mail after someone broke in and started sending spam emails to all my contacts. I later checked the login history and found the site’s security had no issue with a user connecting from London, Warsaw and London again, all in the space of 15 minutes…