the huge bug in connected washing machines revealed


Two students discovered an alarming security flaw that allowed free access to millions of connected CSC ServiceWorks washing machines. Despite its repeated reports, the company did not respond, leaving this large vulnerability open for months.

Two students from the University of Santa Cruz, Alexander Sherbrooke and Iakov Taranenko, discovered a serious vulnerability in the system. CSC Service Worksa major supplier of internet connected washing machines. This flaw allowed free access to wash cycles in more than a million devices deployed in the United States, Canada and Europe.

Exploitation of the flaw

Exploiting this flaw, students were able to send remote controls to start washing cycles without having to pay. They also managed to artificially credit his user account several million dollarsan astronomical sum for student laundry fees.

Despite repeated reports from students, CSC ServiceWorks has not responded to address this critical vulnerability. The company has shown a indifference worryingly, leaving their systems vulnerable For several months.

Delayed reaction

It was just after media coverage of the affair that CSC ServiceWorks finally answered. The company apologized for its initial lack of responsibility and assured that it was investing in strengthening the security of its systems.

This incident highlights the significant risks associated with poorly secured connected systems, particularly when they involve financial transactions. It stands out the need for businesses to take cybersecurity seriously from the design of their products and stay tuned security researchers in order to protect their customers.


Our blog is powered by readers. When you shop through links on our site, we may earn an affiliate commission.





Source link

Leave a Comment