this post was submitted on 10 Jan 2024
54 points (95.0% liked)

Technology

70711 readers
3357 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
54
Hackers can infect network-connected wrenches to install ransomware | Researchers identify 23 vulnerabilities, some of which can exploited with no authentication (arstechnica.com)
submitted 1 year ago by L4s@lemmy.world to c/technology@lemmy.world
10 comments fedilink hide all child comments
 

Hackers can infect network-connected wrenches to install ransomware | Researchers identify 23 vulnerabilities, some of which can exploited with no authentication::Researchers identify 23 vulnerabilities, some of which can exploited with no authentication.

top 10 comments
sorted by: hot top controversial new old
[–] JeeBaiChow@lemmy.world 39 points 1 year ago (4 children)

Ok. Why tf does a wrench need to be network connected?

[–] Overlock@sopuli.xyz 3 points 1 year ago* (last edited 1 year ago)

For firmware updates I guess (/s)

[–] anon_8675309@lemmy.world 0 points 1 year ago

Because nobody funds hardware if they can’t get MRR.

[–] oDDmON@lemmy.world 0 points 1 year ago

I have no earthly idea, but feels like “‘Cuz we can”.

[–] Obi@sopuli.xyz 4 points 1 year ago (2 children)

Why is the wrench in space?

[–] Gork@lemm.ee 2 points 1 year ago

Your wrenches aren't in space?

[–] darkevilmac@lemmy.zip 1 points 1 year ago

Just let him cook

[–] autotldr@lemmings.world 3 points 1 year ago

This is the best summary I could come up with:

Researchers have unearthed nearly two dozen vulnerabilities that could allow hackers to sabotage or disable a popular line of network-connected wrenches that factories around the world use to assemble sensitive instruments and devices.

The vulnerabilities, reported Tuesday by researchers from security firm Nozomi, reside in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B.

The cordless device, which wirelessly connects to the local network of organizations that use it, allows engineers to tighten bolts and other mechanical fastenings to precise torque levels that are critical for safety and reliability.

The Nutrunner provides a torque-level indicator display that’s backed by a certification from the Association of German Engineers and adopted by the automotive industry in 1999.

The malware could then be used to disable entire fleets of the devices or to cause them to tighten fastenings too loosely or tightly while the display continues to indicate the critical settings are still properly in place.

The vulnerabilities found on the Bosch Rexroth NXA015S-36V-B allow an unauthenticated attacker who is able to send network packets to the target device to obtain remote execution of arbitrary code (RCE) with root privileges, completely compromising it.

The original article contains 344 words, the summary contains 187 words. Saved 46%. I'm a bot and I'm open source!

[–] JeeBaiChow@lemmy.world 1 points 1 year ago

How did people ever survive before the internet I'll never know.