Trouble Is Brewing for Your IoT Devices

This clever hack exploits a smart coffee machine without requiring access to the local network.

Nick Bild
4 years ago • Internet of Things

It may be the understatement of the century to say that many makers of IoT devices do not put much emphasis on security in their products. Gadgets such as smart refrigerators, cameras, washing machines, and speakers provide fertile ground for malicious hackers to use their skills for fun and profit at your expense. But you keep your network secure — your router firmware is up to date and correctly configured, and your firewall is keeping out any would-be attackers. If crooks cannot get into your local network, then your IoT devices are nice and safe, right?

In a word, no. Martin Hron has shown us just how awful IoT device security can be with his very clever hack of a smart coffee maker.

The coffee maker, it turns out, acts as a WiFi access point with no encryption or authentication. It is controlled by a smartphone app, and this app also pushes updates to the firmware on the device. Hron found that the firmware itself is a part of the Android app and was able to recover a copy.

Cracking open the case revealed an Arm Cortex-M0 processor as the main processing unit. With that knowledge, the firmware could be decoded into assembly language. At that point, the difficult work of reverse engineering the firmware began. Once the existing firmware had been documented, there was enough information to make changes to the coffee maker’s functionality.

Hron developed a new version of the firmware that makes the machine go bonkers — turning on the grinder, spraying water, and beeping while displaying a ransom demand on the screen. To update the firmware, the only access that is needed is to be within WiFi range of the device. Via a custom Python script, the coffee machine can be switched into an “update” mode, after which it will accept a modified firmware image delivered over WiFi by the same script.

This hack would certainly annoy anyone, at least until they unplug the coffee maker. And it would almost certainly mean you would need to buy a new coffee maker, but that is not really the worst of it. An enterprising hacker could upload firmware that still functions as normal, raising no suspicion, while taking advantage of the trusted device on the network to gain further access. My suspicion is that this device is not unique and we will be seeing more exploits such as this in the future.
