The US Federal Bureau of Investigation says criminals are hijacking weakly-secured smart devices in order to live-stream or record swatting incidents.
“Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks,” the FBI said in a public service announcement published today.
Officials say suspects are taking over devices on which owners created accounts but reused credentials that previously leaked online during data breaches at other companies.
These individuals then place calls to law enforcement and report a fake crime at the victims’ residence.
“As law enforcement responds to the residence, the offender watches the live stream footage and engages with the responding police through the camera and speakers,” the FBI said.
“In some cases, the offender also live streams the incident on shared online community platforms.”
The first known cases of a swatting incident being live-streamed online date back to the mid-2010s. The difference between what the FBI is reporting now and those initial incidents is that devices weren’t being hacked.
Pranksters would identify social events that were being streamed online and would arrange the event to be swatted, such as weddings, church meetings, and more.
To counteract with this new rising hack&swat cases, bureau officials said they are now working with device vendors to advise customers on how they could select better passwords for their devices.
Furthermore, the FBI said it’s also working to alert law enforcement first responders about this new swatting variation, so they may respond accordingly.
As for device owners, the same advice remains valid: Use complex and unique passwords for each of your online accounts. Use two-factor authentication where available.