Two students have discovered a security flaw that could allow millions of people to wash clothes for free

A security flaw could allow millions of college students to do their laundry for free thanks to one company. This is due to a security flaw discovered by two UC Santa Cruz students in internet-connected washing machines used commercially in several countries. accordingly TechCrunch.

Two students, Alexander Sherbrooke and Yakov Taranenko, apparently exploited the machine’s application programming interface to, for example, remotely instruct them to work for free and update laundry accounts that contained millions of dollars. The company that owns the machines, CSC ServiceWorks, claims ownership of them More than one million washing machines have been sold Used in colleges, apartment buildings, laundries and more throughout the US, Canada and Europe.

CSC never responded when Sherbrooke and Taranenko reported the vulnerability via email and phone call in January. TechCrunch However, the students told the outlet that the company “quietly deleted” their fake millions after they contacted the company.

The lack of response prompted him to tell others about his findings. This includes companies that have List of released commandsWhat both of them said TechCrunch Allows connection to all laundry machines networked with CSC. CSC Serviceworks did not immediately respond edges’Please comment.

The CSC vulnerability is a good reminder that the Internet of Things security situation is far from resolved. CSC may take risks for exploits discovered by students, but in other cases, lax cybersecurity practices allow company hackers or contractors to view security camera footage from strangers or access smart plugs.

Security researchers often find and report these vulnerabilities before they are actually exploited. However, it is not helpful if the responsible company does not respond.