Hackers “Break Into” Smart Buildings to Launch DDoS Attacks

  • Hackers are using a PoC exploit on well-known vulnerabilities to take over smart building access control systems.
  • From there, the malicious actors are using the hijacked terminals to launch DDoS attacks or to infiltrate deeper.
  • The vendor of the vulnerable systems is not interested in fixing the flaws, although they know about them for almost a year now.

Hackers are hijacking smart door/building access control systems made by Nortek Security & Control (NSC), and use them as platforms to launch DDoS attacks. The product that is targeted the most is the “Linear eMerge E3”, which is still plagued by vulnerabilities that were disclosed back in May 2019. The set of vulnerabilities was quite rich, and their discovery was the work of researchers from Applied Risk. As for the types of problems, there is cross-site scripting, command injection, weak default hard-coded credentials, privilege escalation, authorization bypass, request forgery, directory traversal, stack-based buffer overflow, and root access over SSH.

Six out of the ten vulnerabilities that were discovered back then were classified as “highly critical”, but the NSC still chose to ignore the security advisory. Six months later, in November 2019, Applied Risk released a proof of concept (PoC), so hackers had everything they needed to hijack these systems. The most prominent exploitation method according to the recent reports is the one which involved command injection (CVE-2019-7256). Using this flaw, hackers manage to execute commands remotely via specially-crafted HTTP requests. This eventually leads to the downloading of malware, which renders the target machine into a DDoS bot.

Security experts “SonicWall”, who have also been following these attacks state that the hackers are seeking vulnerable targets anywhere in the world and not just the United States where NSC enjoys its biggest market success. In fact, they have counted 2375 vulnerable eMerge systems in over 100 countries from around the globe. Of course, this number isn’t a staggering one, but the implications of having your building access system hacked go beyond just getting involuntarily signed up for DDoS botnets. The eMerge hacks could very easily serve as entry points for deeper infiltration into the corporate network, and all the consequences come with it.

Smart building systems are convenient, but they constitute a new attack surface as well. For as long as the Nortek Security and Control insists on ignoring the problems and choosing not to issue a fixing patch for the eMerge, the firms that deploy these systems should take then offline immediately. If that’s impossible, admins are advised to set up a strict firewall or a VPN to limit the access of hackers to the vulnerable terminals. Since the NSC hasn’t made an official statement about this, it is unknown when and even if they are planning to fix the 10 flaws that are still plaguing eMerge.

REVIEW OVERVIEW

Latest

How to Watch Moon Knight on Disney Plus: Release Date, Cast, Trailer, Plot

Marvel Studios' Moon Knight series launch date and trailer were announced recently, and everyone is super excited to see it. This is...

My Hero Academia Battle Royale Coming Soon – Check Out The Gameplay

Good news for anime and gaming fans across the world: My Hero Academia is about to get its own Battle Royale game!...

One Punch Man Chapter 157 Release Date, Time and Where to Read Online

One Punch Man Chapter 157 is about to release soon, and we've got all the information you need to catch up! One...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari