IOActive's Ruben Santamarta has developed a custom firmware

Oct 30, 2013 10:17 GMT

Ruben Santamarta, a security researcher with IOActive, has found a way to hack into the firmware of a counterfeit money detector that’s widely used in Spain and make it accept a simple piece of paper as valid currency.

The device on which the expert performed his research is Secureuro, designed to identify fake euro banknotes.

According to the manufacturer, the counterfeit money detector cannot be replicated and it cannot be deceived. However, the expert has demonstrated that these claims are not accurate.

First of all, Santamarta has found that he can access the firmware and the EEPROM on Secureuro without any hardware hacking. Furthermore, the firmware is not protected by any encryption system.

“My intention is not to forge a banknote that could pass as legitimate, that is a criminal offense. My sole purpose is to explain how I identified the code behind the validation in order to create ‘trojanized’ firmware that accepts even a simple piece of paper as a valid currency,” the expert noted.

“We are not exploiting a vulnerability in the device, just a design feature,” he added.

Santamarta has managed to create his own firmware that instructs the device to accept even a piece of paper as valid currency. An attacker who possesses such modified firmware needs only temporary physical access to the detector to install it, after which counterfeit money is no longer flagged.

“Taking into account the types of places where these devices are usually deployed (shops, mall, offices, etc.) this scenario is more than feasible,” he said.

Hopefully, such research will get vendors to realize that they need to integrate security systems into such counterfeit money detectors.

Additional technical details and a video that demonstrates the attack can be found on IOActive’s blog.