College students discover security flaw that could let millions do laundry for free

Two college students discovered a security flaw in internet-connected washing machines, leading to an exploitable vulnerability for millions of machines.

1 minute & 28 seconds read time

Two college students discovered a security exploit within the API of a washing machine that is currently in use across several countries.

College students discover security flaw that could let millions do laundry for free 156561615

Alexander Sherbrooke and Iakov Taranenko discovered the security flaw within the API created by the company behind the washing machines, CSC ServiceWorks. The two students claim the vulnerability within the internet-connected API enabled them to remotely turn a machine on without payment, and update their laundry account to display millions of dollars. Reports indicate that CSC ServiceWorks has more than a million machines across college campuses, housing communities, and laundromats in the US, Canada, and Europe.

The two college students contacted CSC ServiceWorks about the security flaw and didn't receive a response from the company, but noticed shortly after their laundry account balance was changed from millions of dollars back to $0. The two students spoke to The Verge and said the lack of response from CSC ServiceWorks led them to tell other people about the vulnerability, which resulted in the posting of the list of commands that enables anyone to access CSC's network-connected laundry machines.

With the method of connecting to the laundry machines now public it will likely be very soon the vulnerability will get fixed. This is a solid reminder to any businesses they are network-connected to make sure your cybersecurity is up to date, and if anyone is genuinely trying to contact you regarding your network security (obviously avoid scammers), it's worth lending an ear to them.

Buy at Amazon

$10 -PlayStation Store Gift Card [Digital Code]

TodayYesterday7 days ago30 days ago
Buy at Newegg
* Prices last scanned on 6/18/2024 at 3:03 pm CDT - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science, space, and artificial intelligence news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.

Newsletter Subscription

Related Tags