U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Bypassing locking mechanisms of a smart gun with $15 worth of magnets

The hacker ‘Plore’ demonstrated that it possible to bypass security measures implemented by German manufacturer Armatix for its smart gun. The story I’m going to tell you demonstrates how fragile could be smart objects, some times cheap and off-the-shelf devices could be used to compromise them. This is the case of certain models of smart […]

Bypassing locking mechanisms of a smart gun with $15 worth of magnets

The hacker ‘Plore’ demonstrated that it possible to bypass security measures implemented by German manufacturer Armatix for its smart gun.

The story I’m going to tell you demonstrates how fragile could be smart objects, some times cheap and off-the-shelf devices could be used to compromise them.
This is the case of certain models of smart guns, the Armatix IP1.
The hacker who uses the moniker ‘Plore’ demonstrated that it possible to bypass security measures implemented by the German manufacturer Armatix GmbH Smart System for its smart gun.
Armatix IP1 “smart” gun is a weapon that would only fire by its owners who wears an accompanying smartwatch to be recognized.
“The IP1 purports to limit who can fire it by requiring that the shooter wear a special Armatix watch. If the gun and the watch can’t connect via a short-range radio signal that extends just a few inches, the gun won’t fire. That’s the idea, anyway. But Plore showed that he can extend the range of the watch’s radio signal, allowing anyone to fire the gun when it’s more than ten feet away. ” reads a report published by Wired.
Plore found three ways to hack into the Armatix IP1 smart gun and use it without the smartwatch.

Plore placed $15 magnets near the barrel of the gun, this simple action allowed him to bypass the security measures implemented by the smart gun Armatix IP1.

When the gun first fired without authentication “I almost didn’t believe it had actually worked. I had to fire it again,” the researcher said. “And that’s how I found out for $15 (£11.50) of materials you can defeat the security of this $1,500 (£1,150) smart gun.” said Plore.

Plore demonstrated that he was also able to jam the radio frequency band (916.5Mhz) used by the smart gun from ten feet away by using a cheap transmitter device $20 (£15).

The radio waves emitted by the transmitter device prevent the owner from firing the gun even when he is wearing the smartwatch.

“He built a $20 transmitter device that simply emits radio waves at roughly the same 900 megahertz frequency as the gun and watch, overwhelming their communications. From as far as 10 to 15 feet away, the handheld transmitter can reliably jam the gun no matter how close it is to the owner’s watch. ” continues W
ired.

Plore also bypassed the security mechanism implemented for the smart gun by using a custom-built $20 RF amplifier to extend the range of the smartwatch. When the owner squeezes the trigger, the gun sends out a signal to check whether the watch is there or not.

The researcher was able to intercept the signal sent by the smart gun to check for the presence of the watch when the owner was trying to fire. The custom device allows extending the range by up to 12 feet, an attacker could bypass the security measure wearing the watch distance.

“When the shooter squeezes the gun’s handle, it sends out an RFID signal to check if the watch is present. But Plore showed he could place one of his radio devices near the watch to intercept the signal, and relay it to another gadget as far as 12 feet away. That means the gun doesn’t need to be next to the shooter’s wrist, as intended, but can instead be held by someone else, breaking its tight identity restrictions.” reported Wired.

Evidently smart guns are not so smart.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – smart gun, hacking)

[adrotate banner=”13″]