Two students find security bug that could let millions do laundry for free

A collection of warning signs, bugs, and notifications emulating malware or a cyber attack. The images are placed in a connected web against a blue background.
Illustration by Carlo Cadenas / The Verge

A security lapse could let millions of college students do free laundry, thanks to one company. That’s because of a vulnerability that two University of California, Santa Cruz students found in internet-connected washing machines in commercial use in several countries, according to TechCrunch.

The two students, Alexander Sherbrooke and Iakov Taranenko, apparently exploited an API for the machines’ app to do things like remotely command them to work without payment and update a laundry account to show it had millions of dollars in it. The company that owns the machines, CSC ServiceWorks, claims to have more than a million laundry and vending machines in service at colleges, multi-housing communities, laundromats, and more in the US,...

Continue reading…



source https://www.theverge.com/2024/5/19/24160383/students-security-bug-laundry-machines-csc-serviceworks

Comments

Popular posts from this blog

In a world first, China lands a spacecraft gently on the Moon’s far side

Snap suspends two anonymous messaging apps after cyberbullying lawsuit