Cybersecurity researcher hacks smart coffee maker with ransomware, uses it to ask for money

It turns out, smart coffee makers can get hacked, according to a recent report.

Martin Hron, a senior researcher at cybersecurity software company Avast, recently figured out how to hack into a smart coffee maker and use the machine to ask for money.

Hron used a coffee maker from a company called Smarter that allows someone to make coffee using their smartphone or tablet, according to a Friday blog post.

However, the coffee maker he used for his research was made before 2017, when the company switched to a new, more secure platform, the post said.

WEBMD SLAMMED FOR ‘CHAI LATTE’ RECIPE

According to Hron, once the smart coffee maker is turned on, it “creates its own Wi-Fi network that the hopeful coffee drinker first connects to in order to set up the device.”

However, the coffee maker’s protocol — or the form it uses to transmit information between the app and the machine — has “hardly any encryption, authorization or authentication,” Hron said in the post.

NATIONAL COFFEE DAY: WHERE TO GET FREE OR DISCOUNTED JAVA

The coffee maker also lacks any other form of security, to “anyone who has access to the network and is able to reach the IP address of the coffee maker can control it,” the post said.

However, in order to really take over the coffee maker to use it for “nefarious purposes,” Hron decided to try to change the machine’s firmware — which he was able to do.

MOST COFFEE-DRINKING AMERICANS SAY ICED COFFEE SEASON IS YEAR-ROUND: STUDY

At first, Hron said, he wanted to use the coffee maker to mine cryptocurrency, but the CPU was too slow.

He decided instead to make it a “ransomware machine,” that would make the coffee maker ask for money.

“We created ransomware that when triggered renders the coffee maker unusable and asks for ransom, while at the same time turning on the hotbed, water dispensing heating element, permanently and spinning up the grinder, forever, displaying the ransom message and beeping,” Hron wrote.

CLICK HERE TO GET THE FOX NEWS APP

“We thought this would be enough to freak any user out and make it a very stressful experience,” he added. “The only thing the user can do at that point is unplug the coffee maker from the power socket.”

A cybersecurity researcher was able to hack into a smart coffee maker -- from 2016 -- to turn it into a "ransomware machine." (iStock) 

A cybersecurity researcher was able to hack into a smart coffee maker — from 2016 — to turn it into a “ransomware machine.” (iStock) 

A minute-long video of the ransomware attack on the coffee maker was posted on YouTube on Friday.

CLICK HERE TO SIGN UP FOR OUR LIFESTYLE NEWSLETTER

Smarter did not immediately respond to Fox News’s request for comment, but the company did tell Forbes that the company significantly upgraded the security for its devices in 2017.

“Smarter is committed to ensuring its smart kitchen range has the highest levels of security safeguards at its core, and all connected products sold since 2017 are certified to the UL 2900-2-2 Standard for Software Cybersecurity for Network-Connectable Devices,” the company said. “A very limited number of first-generation units had been sold in 2016 and although updates are no longer supported for these models, we do review any legacy claims on a per customer basis in order to provide continued customer care.”

FOLLOW US ON FACEBOOK FOR MORE FOX LIFESTYLE NEWS

Go To The Source