Security consultant hacked a capsule hotel to shut up his noisy neighbor

A security researcher hacked a hotel to teach his noisy neighbor a lesson - he was able to control his lights, bed, and fan. It is yet another example of a lack of adequate protection for smart devices.

"Everything happened when I was traveling in a foreign country for holidays. I booked a few nights in what we call a capsule hotel, and I noticed that they were using several different technologies," Kya Supa, security consultant at LEXFO, said at the beginning of his presentation at the Black Hat USA 2021 conference.

Capsule hotel refers to tiny rooms stacked side by side with nothing but a bed in them. The room is usually separated only by the curtain, and the bathroom and the living room are located in the common area.

Generally, this accommodation is cheap, and the guests - quiet and respectful of each other. But Bob wasn't. Supa's neighbor, who he referred to as Bob, was constantly talking on the phone after midnight.

"He woke me up because he was making phone calls at 2 a.m. in the morning, and he was speaking very loudly," Supa recalled.

Since it disturbed Supa, he asked nicely to tone it down. When Bob didn't take that into consideration, Supa decided to teach him a lesson.

"I take my sleep seriously. I thought it would be nice to take control of his room and make him have a lovely night", he said.

Supa discovered that you need an NFC badge to access the floor, and the room is controlled by an iPod touch using Bluetooth and WiFi. After a bit of search, he found that each room had a pair of Internet of Things (IoT) devices from Nasnos vendor. iPod was under the control of what is called Guided Access - it locks the device to run a single application. Supa got control of the device, letting him run out of power and rebooting it, and discovered that Nasnos network used an outdated WEP protocol. In the end, it took six vulnerabilities to take control of his noisy neighbor's room and the whole hotel.

Supa played with turning on and off lights in Bob's room every two hours at night, making his bed collapse. The security consultant contacted the hotel afterward, and its managers switched to a more secure architecture.

Capsule hotel. (c) Shutterstock

In this case, Supa just wanted to raise awareness. Well, besides from messing up with Bob. But IoT devices are widely spread, and certainly, most of the hackers penetrating them are not as nice as Supa.

Nokia Threat Intelligence Report found that Internet-connected, or IoT, devices now make up roughly 33% of infected devices, up from about 16% in 2019. 

“I equate the home environment to sort of like a coffee shop, meaning that in most cases, most people’s home networks are pretty dirty. They’ve got a lot of IoT devices, many of which are pretty easily exploitable,” Mike Wilson, CTO of Enzoic, a Colorado-based cybersecurity company, once told CyberNews.

IoT consumer devices are also named one of the biggest threats to corporate networks. Homes full of IoT devices with little or poor security standards are already exposing businesses to vulnerabilities. Most home users do not have the time or inclination to update the passwords or firmware on every device. Meanwhile, ransomware attackers are scanning networks looking for the easiest entry point via a weak IoT device.

Recent research by the CyberNews Team revealed that over 380 thousand IP cameras might be easily accessible worldwide, with the US and Germany in the lead. Actually, a new smart car is also an IoT device, and therefore, it can be hacked. And if you think that your bedroom is out of reach, even your sex toys might be spying on you.

More from CyberNews:

Social engineering goes automatic: new robocall bot on Telegram can trick you into giving up your password

Unsettling statistics: How your financial data is spread across the internet

Iran threat actor Charming Kitten has exfiltrated 2TB of victims’ data since 2018

The US Postal Service sued for alleged massive spying program

Influenced by the pandemic, data breach costs hit a record high, IBM report shows 

Ransomware surged 93% in last 6 months fueled by triple extortion

DuckDuckGo’s new email privacy service: how will marketers react? 

Oppressors used Pegasus for nefarious means. It can’t be that shocking

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked