No Comments

This guy managed to infect an electric coffee maker with ransomware


We have no doubt that Martin Hron is a very busy guy – after all, he is a senior researcher at Avast, one of the largest providers of endpoint protection solutions in the world. However, recently, he decided to use his knowledge to play with a gadget in order to prove a point (which we all already know): the Internet of Things (IoT) market is full of unsafe products.

Hron took hold of the latest version of the iKettle smart coffee maker and began to analyze its structure. He soon discovered that the communication between the device and its official smartphone app, used to make updates to its firmware, had no protection whatsoever – the connection had no encryption and could very well be intercepted for evil purposes.

Playback: Avast

After analyzing the source code and opening the gadget to study its hardware, the expert tried to use the coffee maker to mine Monero – Although he was successful in installing the miner, the product’s configurations proved ineffective to generate any significant amount of the cryptocurrency. It was then that he had the brilliant idea of ​​infecting the contraption with ransomware.

He created a Python script that, in addition to messing up the features of the smart appliance, displayed a message on his small LCD screen directing the user to visit a given web page if they wanted their beloved coffee maker back. Fortunately, everything was back to normal when unplugging the gadget.

Playback: Avast

“With the pace of the IoT explosion and a poor support attitude, we are creating an army of vulnerable, abandoned devices that can be misused for harmful purposes, such as network breaches, data breaches, ransomware attacks and DDoS,” explains Hron .

Although the actual attack scenarios are quite restricted (the malicious agent would need to stay close to the product for a long time to be able to invade it), it is disturbing to know that the possibility exists. The researcher notified iKettle, but the company claims that the model in question has already been discontinued – which means that, possibly, it will not receive security updates.

Source: Avast Threat Labs, HackRead

See the original post at:

You might also like

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.