惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Vercel News
Vercel News
The GitHub Blog
The GitHub Blog
博客园 - 【当耐特】
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Recent Announcements
Recent Announcements
D
Docker
GbyAI
GbyAI
酷 壳 – CoolShell
酷 壳 – CoolShell
WordPress大学
WordPress大学
The Cloudflare Blog
雷峰网
雷峰网
A
About on SuperTechFans
小众软件
小众软件
博客园 - Franky
博客园 - 聂微东
F
Full Disclosure
大猫的无限游戏
大猫的无限游戏
C
Check Point Blog
MongoDB | Blog
MongoDB | Blog
G
Google Developers Blog
Microsoft Azure Blog
Microsoft Azure Blog
U
Unit 42
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
V
V2EX
Engineering at Meta
Engineering at Meta
宝玉的分享
宝玉的分享
aimingoo的专栏
aimingoo的专栏
量子位
P
Proofpoint News Feed
Hugging Face - Blog
Hugging Face - Blog
博客园_首页
罗磊的独立博客
Martin Fowler
Martin Fowler
D
DataBreaches.Net
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
S
Secure Thoughts
Project Zero
Project Zero
L
LangChain Blog
阮一峰的网络日志
阮一峰的网络日志
C
Cybersecurity and Infrastructure Security Agency CISA
T
Tailwind CSS Blog
S
Schneier on Security
Blog — PlanetScale
Blog — PlanetScale
The Hacker News
The Hacker News
Spread Privacy
Spread Privacy
Security Latest
Security Latest
NISL@THU
NISL@THU
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
C
CXSECURITY Database RSS Feed - CXSecurity.com
J
Java Code Geeks

hackers Archives - VICE

Hackers Are Spreading Malware Through LinkedIn Comments Now Feds Want to Ban the World’s Cutest Hacking Device. Experts Say It's a ‘Scapegoat’ Hackers Took Over Transit Ads with Messages from Queer Palestinians in Gaza ‘Windows for Gamers’ Rolls Dice With Your Security Senator Asks Big Banks How They're Going to Stop AI Cloned Voices From Breaking Into Accounts The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers Smart Garage Company Fixes Vulnerability by Breaking Customers' Devices The Cure Tried to Stop Scalpers. Brokers Are Selling Entire Ticketmaster Accounts Instead Inside the DEA Tool Hackers Allegedly Used to Extort Targets
Hackers Can Remotely Open Smart Garage Doors Across the World
Joseph Cox · 2023-04-04 · via hackers Archives - VICE

Hackers can remotely tap into a particular brand of smart garage door opener controllers and open them across the world due to a series of security vulnerabilities that the brand, called Nexx, has declined to fix, according to findings from a security researcher. 

The vulnerabilities pose a serious risk to users of Nexx, which offers a wi-fi enabled garage door opener controllers among other products. The researcher who discovered the issue says that Nexx has not responded to their attempts to responsibly report the vulnerabilities for months, according to a copy of an email shared with Motherboard.

Videos by VICE

“Completely remote. Anywhere in the world,” Sam Sabetan, the security researcher, told Motherboard, describing the hack.

Have you discovered any other serious vulnerabilities? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email joseph.cox@vice.com.

Nexx says it sells “Easy-to-use products that work with things you already own.” Its garage product connects to a person’s existing garage door opener and allows them to activate it remotely through a smartphone app. “Life is complicated enough. Remembering whether or not you left your garage door open should be the least of your worries: Get peace of mind,” the company advertises on its website. Nexx has run campaigns on Kickstarter.

Sabtean made a video proof-of-concept of the hack. It shows him fist opening his own garage door as expected with the Nexx app. He then logs into a tool to view messages sent by the Nexx device. Sabetan closes the door with the app, and captures the data the device sends to Nexx’s server during this action.

With that, Sabetan doesn’t just receive information about his own device, but messages from 558 other devices that aren’t his. He is now able to see the device ID, email address, and name linked to each, according to the video.

Sabetan then replays a command back to the garage through the software—rather than the app—and his door opens once again. Sabetan only tested this on his own garage door, but he could have remotely opened other users’ garage doors with this technique.

Sabetan told Motherboard he could open doors “for any customer.”

“That’s the craziest bug. But the disabling alarm and turning on [and] off smart plugs is pretty neat too,” he added, referring to another Nexx product that allows users to control power outlets in their home.

The consequences of someone weaponzing these vulnerabilities are wide ranging and potentially a real security threat for Nexx’s customers. A hacker could open Nexx doors around the world at random, exposing their garage contents and perhaps their homes to opportunistic thieves. Pets might escape. Or customers might just get very annoyed at someone opening and closing their property with no idea of why it was happening. In more extreme cases, a hacker could use the vulnerabilities as part of a targeted attack against a particular garage that used Nexx’s security system.

Sabetan and Motherboard have repeatedly tried to contact Nexx about the issues. Sabetan said the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) told him it had attempted contact too. The company has failed to reply or fix the vulnerabilities. This means the security vulnerabilities are still available to hackers who may wish to abuse them. For that reason, Motherboard is not describing them in great detail and instead focusing on their impact to consumers. CISA published its own advisory about the security issues on Tuesday.

It appears Nexx is actively ignoring at least some inquiries trying to warn them of the vulnerabilities. After Nexx’s support email did not respond to his vulnerability report, Sabetan contacted Nexx’s support again, this time saying he was looking for help with his own Nexx product.

That time, Nexx’s support staff replied, according to a copy of the email Sabetan shared with Motherboard.

“Great to know your support is alive and well and that I’ve been ignored for two months,” Sabetan replied. Please respond to ticket [ticket number,” he wrote, referring to his vulnerability report.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.