Hackers Break Into Brinks Ultra Secure Safe

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
All it took for hackers to break into a Brinks "ultra secure" electronic safe 100 lines of code on a USB thumb drive. :eek:

Yet this – opening a Brinks CompuSafe Galileo using its standard USB port, a keyboard and 100 lines of code – was most definitely possible for a pair of security researchers, Daniel Petro and Oscar Salazar, who work for the IT security consulting company Bishop Fox.
 
Allowing access to the device through an exposed USB port was just asking for trouble. Why even bother locking it at that point.
 
whoops... who would have though someone might try to plug something into a USB port!
 
DigitalGriffin said:
Most likely used the low level USB controller IO flaw to rewrite the controller. This is a similar exploit used by a number of 3 letter agencies from what I understand.

http://www.bbc.com/news/technology-29475566
Click to expand...

Another method that may work since it runs XP would be to use a Ducky key. If they didn't bother using a more secure OS, I doubt they bothered to prevent against the HID exploit to launch payloads.
 
Just disable the USB port. The easiest way is with a flathead screwdriver and a hammer. A few good wallops and nobody will be plugging anything in there again.
 
You must log in or register to reply here.
Back
Top