UC Students Uncover Major Security Flaw in Internet-Connected Laundry Machines


Two University of California, Santa Cruz students uncovered a significant security vulnerability in internet-connected washing machines, potentially allowing millions of users to do laundry for free. 


Unveiling a Security Flaw in Laundry Machines

Alexander Sherbrooke and Iakov Taranenko discovered the flaw in machines owned by CSC ServiceWorks. TechCrunch reported that, by exploiting the API of the machines’ app, the students were able to remotely start the machines without payment and manipulate laundry account balances to display millions of dollars.

Operating over a million laundry and vending machines across colleges, multi-housing communities, laundromats, and more in the US, Canada, and Europe, CSC ServiceWorks acknowledged the issue and is working to address the security lapse. The discovery highlights the growing concerns around the security of internet-connected appliances and the potential risks they pose.

CSC ServiceWorks did not respond when Sherbrooke and Taranenko reported the security vulnerability through emails and a phone call in January.

However, the students noted that despite the lack of communication, the company quietly corrected the issue by erasing the false millions in their accounts after being notified.

The students’ frustration with CSC ServiceWorks’ lack of response led them to share their discoveries publicly. They revealed that the company has a published list of commands that allows connection to CSC’s internet-connected laundry machines. 

CSC’s security flaw is a stark reminder that the security of internet-connected devices, or the Internet of Things (IoT), remains unresolved.

While CSC may bear the risk for this specific vulnerability, similar lax cybersecurity practices in other instances have allowed hackers or company contractors to access strangers’ security camera footage or gain control of smart plugs. 

This ongoing issue highlights the need for robust security measures in the rapidly expanding IoT landscape. Security researchers frequently discover and report these vulnerabilities before they can be…
