Skip to main content

Security researchers demo point-of-sale system hack to buy a MacBook for $1 [Video]

Avatar for Ben Lovejoy  | Aug 28 2017 - 6:04 am PT
0 Comments

Security researchers have identified a vulnerability in Point Of Sale (POS) terminals used by a large number of major chains, and hacked it to allow them to buy a MacBook for one dollar …

TNW reports that ERPScan researchers Dmitry Chastuhin and Vladimir Egorov found the hack scarily easy to carry out. The key to it is that point-of-sale terminals developed by SAP and Oracle have no encryption or authorization procedures to prevent the price database being modified from within the store’s own network.

The attack does require physical access to the network, but as they demonstrated, many stores make this ridiculously easy. They found Ethernet ports on unused tills, weighing machines and just generally scattered around the store.

The connections between POS workstation and the store server […] [often] lack the basics of cybersecurity – authorization procedures and encryption – and nobody cares about it. So, once an attacker is in the network, he or she gains full control of the system.

All they needed to do was program a $25 Raspberry Pi to access the backend system for the POS and make the price adjustment. In this case, they changed the price of a MacBook to just $1.

They do note that real-life attacks would have to be a little more subtle. Even the most jaded of till operators would likely realize that an Apple laptop shouldn’t be costing a dollar. But if an attacker were to be a little more modest in their price reductions, and buy a bunch of other stuff at the same time, it could easily pass unnoticed.

They advised Oracle and SAP of their findings, and SAP issued two security patches to block the attack, telling us that customers are advised to apply these immediately.

SAP Product Security Response Team collaborates frequently with research companies like ERPScan to ensure a responsible disclosure of vulnerabilities. All vulnerabilities in question in SAP Point of Sale (POS) Retail Xpress Server have been fixed, and security patches are available for download on the SAP Support Portal. We strongly advise our customers to secure their SAP landscape by applying the available security patches from the SAP Support Portal immediately.

Check out the demo in the (badly-acted) video below.

https://www.youtube.com/watch?v=kP1xHUBnAEs

Add 9to5Mac to your Google News feed. 

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Mac on YouTube for more Apple news:

Comments

Guides

Security

Security

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!

Ben Lovejoy's favorite gear

Dell 49-inch curved monitor

Dell 49-inch curved monitor