Saturday, July 27, 2024

The Washing Machine Security Bug that Allows College Students to Do Free Laundry in the US

Security Flaw in CSC ServiceWorks Washing Machines Allows Free Laundry: College Students Exploit Vulnerability

Two college students have discovered a major security flaw in the internet-connected washing machines operated by CSC ServiceWorks, potentially allowing millions of users to do their laundry for free. Alexander Sherbrooke and Iakov Taranenko, students from the University of California, Santa Cruz, found a vulnerability in the machines that could be exploited to bypass payment systems and manipulate laundry accounts.

According to a report by TechCrunch, CSC ServiceWorks boasts over a million laundry and vending machines across the US, Canada, and Europe. The students were able to exploit an API for the company’s mobile app, CSC Go, which allowed them to remotely control the washing machines without making any payments and even falsify their laundry accounts to show millions of dollars in credit.

Although the students reported the security flaw to CSC ServiceWorks in January via emails and phone calls, the company allegedly failed to respond. Sherbrooke and Taranenko claimed that after they contacted the company, their false millions were quietly wiped from the accounts. Frustrated by the lack of action from CSC ServiceWorks, the students decided to share their findings with others.

The students pointed out that the company’s servers do not verify new user email addresses, making it easy for anyone to create a CSC Go account and send commands through the API. Taranenko expressed his surprise at the company’s oversight, stating, “I just don’t get how a company that large makes those types of mistakes, then has no way of contacting them.”

The student researchers emphasized that they acted in good faith to help improve the company’s security measures. Taranenko noted that it was a unique experience to conduct real-world security research outside of simulated competitions.

As CSC ServiceWorks addresses this security flaw, users are reminded to stay vigilant and report any suspicious activity on their laundry accounts.
