"UCSC Students Discover, Help Patch Cybersecurity Flaw for Free Laundry"

Alexander Sherbrooke, a first-year computer science and engineering student at UC Santa Cruz, explored the security of an Internet-connected laundry machine. With his computer, he was able to use the machine's public-facing Application Programming Interface (API) to run a script that told the laundry machine to start a load without paying the $1 fee. He informed Slug Security, a hacking and cybersecurity club for students, about the laundry machine's interface vulnerability. In collaboration with Slug Security vice president and second-year computer engineering student Ex Taranenko, the two students discovered that they could manipulate the machines to add money to their digital wallets in the app used to pay for laundry. This article continues to discuss key observations from the study.

UC Santa Cruz reports "UCSC Students Discover, Help Patch Cybersecurity Flaw for Free Laundry"

Submitted by grigby1