Hackers have a new target device aside smartphones or computers: a smart coffee machine. Security researchers found a way for threat actors to fully control any smart home appliances that could pose a danger to anyone in your house. Have you seen a 'hacked' coffee maker machine? Here's how they do it.
Coffee machines can be 'hacked' too
Imagine having your first coffee in the morning. You head to the kitchen, plug in the smart coffee machine, and wait for the coffee to arrive.
You've seen something wrong with the machine as it is not working as you wish. You looked at the screen, and someone managed to hack its system and display a threatening message.
It sounds impossible, but it is not. But it turns out that hackers can easily enter their way into your smart coffee machine if they wish to.
In 2015, the BBC already had written an article mentioning how smart Kettle could give your Wi-Fi password to a hacker, which might eventually lead to something more: stealing your personal data.
It was related to the problems involving the 'internet of things" or IoT. Hackers can easily manipulate anything that has network access.
In today's time, Wired reported the same issue involving security researchers from Avast. These researchers found a way to perform complete reverse engineering of the Kettle hacking.
Interestingly, they were surprised by the many things that hacking can do in a smart coffee maker machine.
It can ask you for ransom
As they studied the trick's reverse engineering process, they found that a single, smart coffee machine has scary features that it can possibly do.
For example, hackers could trigger the coffee maker to turn on the burner, dispense water, spin the bean grinder, and display a ransom message, all while beeping repeatedly.
"It's possible," said Martin Hron, a researcher at security company Avast in an interview. "It was done to point out that this did happen and could happen to other IoT devices. This is a good example of an out-of-the-box problem. You don't have to configure anything. Usually, the vendors don't think about this."
Here's the sample video of their experiment:
As you can see in the video, Hron proved that the machine could be a platform to pose a threat to businesses or at home.
He put a message scaring the machine owner, saying, "Want your machine back?" with the link of a cryptocurrency address below, asking for ransom money.
"Originally, we wanted to prove the fact that this device could mine cryptocurrency," Hron wrote. "Considering the CPU and architecture, it is certainly doable, but at a speed of 8MHz, it doesn't make any sense as the produced value of such a miner would be negligible."
If this happens to you, what will you do? You can plug the machine out from the socket.
This article is owned by Tech Times
Written by Jamie Pancho