
Hackers can make payments from locked iPhones with VISA card

The method is an active replay-and-relay man-in-the-middle (MitM) attack.

Researchers from the University of Birmingham and the University of Surrey in the UK have found a way to make fraudulent Apple Pay payments from a locked iPhone that has a Visa card set up. The technique is a digital form of pickpocketing: it works over the air, even while the iPhone is in a bag or in its owner’s pocket.

The researchers studied relay attacks on contactless payments and found that a locked iPhone will approve a transaction under certain conditions. Normally an iPhone user must authorize a payment by unlocking the phone with Face ID, Touch ID, or the passcode. In some situations, such as paying a public-transport fare, unlocking the device makes the payment process cumbersome, so Apple Pay introduced Express Transit, which lets a transaction complete without unlocking the phone.

Express Transit works with turnstiles and card readers that send a custom byte sequence which bypasses the Apple Pay lock screen. When a Visa card is the selected card, that same mechanism can be used to bypass the lock screen and make fraudulent payments from a locked iPhone to an ordinary EMV reader, for any amount and without user authorization.

The researchers reproduced the transaction with a Proxmark device. The method is an active replay-and-relay MitM attack: the Proxmark replays the “special bytes” to the iPhone, so the phone behaves as if it were paying for a transit fare and skips user authentication.

The researchers were also able to modify the Card Transaction Qualifiers (CTQ), a set of flags that govern the limits applied to contactless transactions. In their experiment they completed a £1,000 transaction from a locked iPhone. The attack was successfully tested on an iPhone 7 and an iPhone 12.

The attack succeeded only with an iPhone and a Visa card. With Mastercard, the locked iPhone checks that the card reader presents a transit merchant code and accepts transactions only from such readers.
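To make the difference between the two behaviours concrete, here is an added Python model; it is not code from the researchers, Apple, Visa or Mastercard. It assumes that a boolean stands in for the Express Transit byte sequence, that the transit merchant category codes listed are an illustrative set, and that the no-CVM amount cap is a constructed value. It runs both acceptance rules over constructed reader requests and lists the requests that only the weaker rule would approve, which is the check an issuer or wallet reviewer would want to run.

```python
"""Model of the lock-screen bypass decision described above.

Added illustration, not code from the researchers, Apple or Visa.
Assumptions (labelled): the transit-reader "bypass bytes" are represented
by a boolean, transit merchant category codes are the illustrative set
below, and the contactless no-CVM limit is a constructed value.
"""
from dataclasses import dataclass

# Illustrative merchant category codes for public transport (assumption:
# which codes a wallet treats as "transit" is wallet/issuer policy).
TRANSIT_MCCS = {"4111", "4112", "4131"}

# Constructed value: the per-transaction cap below which no cardholder
# verification is required. Real limits vary by country and scheme.
NO_CVM_LIMIT_PENCE = 10_000


@dataclass(frozen=True)
class ReaderRequest:
    """What a contactless reader presents to the phone for one transaction."""
    amount_pence: int
    merchant_code: str          # MCC reported by the terminal
    transit_bypass_bytes: bool  # reader sent the Express Transit byte sequence
    phone_unlocked: bool        # user authenticated with Face ID/Touch ID/passcode


def accept_bypass_only(req: ReaderRequest) -> bool:
    """Weak policy (the Visa behaviour the researchers describe): an unlocked
    phone always approves, and a locked phone approves as soon as the
    Express Transit bytes are present, whatever the merchant or amount."""
    return req.phone_unlocked or req.transit_bypass_bytes


def accept_bound_to_transit(req: ReaderRequest) -> bool:
    """Hardened policy (the Mastercard behaviour the article reports, plus a
    constructed amount cap): the bypass is honoured only when the reader also
    identifies itself as a transit merchant and the amount stays under the cap."""
    if req.phone_unlocked:
        return True
    return (
        req.transit_bypass_bytes
        and req.merchant_code in TRANSIT_MCCS
        and req.amount_pence <= NO_CVM_LIMIT_PENCE
    )


def find_bypass_abuse(requests):
    """Issuer/acquirer-side review: return the requests that the weak policy
    would approve but the bound policy would not, i.e. locked-phone
    transactions that only the bypass bytes justified."""
    return [r for r in requests
            if accept_bypass_only(r) and not accept_bound_to_transit(r)]


# Constructed sample traffic: a genuine turnstile tap, an ordinary shop
# purchase with the phone unlocked, and a relayed GBP 1,000 payment to a
# non-transit EMV reader that replays the bypass bytes.
SAMPLE = [
    ReaderRequest(250, "4111", True, False),
    ReaderRequest(4_500, "5411", False, True),
    ReaderRequest(100_000, "5999", True, False),
]

if __name__ == "__main__":
    for r in SAMPLE:
        print(r.amount_pence, r.merchant_code,
              "weak:", accept_bypass_only(r),
              "bound:", accept_bound_to_transit(r))
    print("abuse candidates:", find_bypass_abuse(SAMPLE))
```

The point of the bound policy is that the bypass signal by itself is not evidence of anything: a reader that can emit the byte sequence can be any reader, so the phone has to tie the exemption to something the terminal is accountable for, such as its merchant category, and to an amount it is willing to lose.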

The findings were reported to Apple in October 2020 and to Visa in May 2021, but neither company has fixed the issue. Instead, each has pointed to the other as responsible for a patch, so the vulnerability remains and can be exploited with off-the-shelf hardware and software.


Hackers hacked Europe’s largest missile manufacturer


Unknown hackers operating under the name Adrastea have broken into the database of Europe’s largest missile manufacturer, MBDA, which was formed by the merger of the French Aérospatiale-Matra Missiles, the British Matra BAe Dynamics and the Italian Finmeccanica-Leonardo. The breach was reported by Security Affairs.

The attackers announced their access to the company’s network on a forum and attached a link to an archive of sample files as evidence.

The hackers put the total volume of stolen data at 60 GB. “The uploaded data contains confidential and confidential information about your company’s employees who took part in the development of closed military projects MBDA (PLANCTON, CRONOS, CA SIRIUS, EMADS, MCDS, B1NT, etc.) and about your company’s commercial activities in the interests of the EU Ministry of Defense (design documentation for air defense systems, missile systems and coastal defense systems, drawings, presentations, video and photo (3D) materials, contract agreements and correspondence with other companies Rampini Carlo, Netcomgroup, Rafael, Thales, ST Electronics, etc.)”, the hackers wrote.

Adrastea says it is open to negotiating a price for the stolen data. MBDA has not yet commented on the incident.

MBDA manufactures a wide range of missiles and related systems. Its air-to-air missiles include the AIM-132 ASRAAM (short range, IR guidance), MBDA Meteor (long range) and MICA (medium range, IR and radar guidance). The product range also covers surface-to-air missiles such as Mistral (MANPADS), MBDA Aster (medium and long range), Aspide Mk.1 (medium range) and Sea Wolf (SAM), as well as anti-ship (Exocet, Otomat, Marte, Sea Skua) and anti-tank (ERYX, Brimstone, HOT) missiles.

Samsung is ahead of the curve again. The company released the August security patch for three flagship lines at once


Samsung was the first manufacturer to release the August security patch for its smartphones, and it did so for three flagship lines at once: the Galaxy S20, S21 and S22.

Owners of these phones in Germany began receiving the update, which includes the security patch, today; users in other countries usually do not have to wait long. The August patch fixes dozens of vulnerabilities, so it is an important one to install.

In recent years Samsung has at times been ahead of even Google, shipping security patches earlier and offering longer support for its flagships, although only three or four years ago the company was among the worst in this respect.

Hacker withdrew about $6 million worth of ETH from decentralized streaming platform Audius


Audius (AUDIO) is an artist-run, community-owned music streaming platform whose goal is to let anyone freely distribute, monetize and stream audio.

Audius aims to return money and control to artists by connecting them directly with listeners and cutting record labels and other middlemen out of the equation.

If bitcoin is the digital analogue of gold, then, in the developers’ words, Audius aims to be the next Spotify or SoundCloud on the blockchain. “The cryptocurrency music app aims to decentralize and democratize the music industry and give artists back more money and control.”

An unknown attacker was able to alter the configuration of the Audius governance smart contract and then submit a malicious proposal that withdrew about $6 million in AUDIO tokens.

Specifically, the attacker changed the proposal’s voting period and the delay before a passed vote is executed, both of which are stored in the Audius governance contract. The stolen tokens were then put up for sale, but because of market slippage the attacker received only about $1.1 million in Ethereum for tokens nominally worth $6 million.

The transfer history of the attacker’s address shows the proceeds of the sale being “laundered” through the Tornado Cash mixer in transactions of 100 ETH each.

Audius has confirmed the hack. Its developers say the smart contract’s functionality was restored after a detailed review; whether Audius will compensate investors for their losses remains unclear.
