Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Sunday July 30 2017, @04:50AM   Printer-friendly
from the brushing-up-on-security dept.

Researchers say they have found a way to hack an internet-enabled carwash and make it "attack" users.

They warned criminals could easily exploit the Laserwash car washes, making their doors close too early or their roller arms crush the tops of cars.

They also claimed the manufacturer PDQ ignored warnings about the risks for two years.

PDQ said it was urgently investigating the issues.

Laserwash installations can be remotely monitored and controlled by their owners via a web-based user interface.

However, in a presentation at the Black Hat conference in Las Vegas, Billy Rios of security firm Whitescope and Jonathan Butts from the International Federation for Information Processing showed how easily the system could be hijacked.

Firstly, they warned that Microsoft no longer supported the washers' Windows control systems, so hackers might be able to exploit hidden loopholes.

More worryingly, they managed to hack into an actual carwash by using the default password "12345".

An Anonymous Coward submitted a link to a related article from 2015:

http://www.darkreading.com/vulnerabilities---threats/hackin-at-the-car-wash-yeah/d/d-id/1319156


Original Submission


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by kaszz on Sunday July 30 2017, @10:13PM

    by kaszz (4211) on Sunday July 30 2017, @10:13PM (#546853) Journal

    Some people get hurt [youtube.com] regardless of automation ;-)

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2