Image by Valentin Ciccarone, from Unsplash
Hackers Hijack Campus Washing Machines, Making Laundry Free
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Sarah Frazier Former Content Manager
Hackers hijacked five smart washing machines at Amsterdam’s Spinozacampus, making the washings free.
In a rush? Here are the quick facts:
- Students washed clothes for free until DUWO shut the laundry room.
- 1,250 residents rely on overloaded analog machines on nearby Darlingstraat.
- Expert Sijmen Ruwhof warns hacked devices could launch larger cyberattacks.
More than 1,200 students living at the University of Amsterdam’s Spinozacampus have been unable to do their laundry since July after hackers broke into the digital payment system of five smart washing machines, as first reported by Folia .
The attackers modified the built-in payment system and allowed students to wash their clothes for free. The housing provider DUWO disabled the laundry room access because they could no longer afford to maintain the costs.
“Because we purchase the machines ourselves, we need the income to be able to continue offering laundry services to our residents at affordable prices,” a spokesperson for Duwo said to The Register .
The 1,250 campus residents now rely on ten outdated analog washing machines, as the hacked laundry facilities at Spinozacampus remain closed. However, students now face long delays as the older machines are often overloaded, with students reporting that sometimes only one works.
While most residents say the summer heat has been a bigger issue than the laundry, the incident highlights a growing cybersecurity risk.
Hacking expert Sijmen Ruwhof explained: “Smart devices, such as some speakers, washing machines or televisions, are connected to a network. Using a programme on your laptop, you can take control of a washing machine,” as reported by Folia
Ruwhof warned that hacked devices can be used for more than free laundry. “If thousands of those hacked internet connections simultaneously go to a large website such as NOS, that website will be down in no time,” reported Folia.
He also noted that finding the culprit is difficult and suspects a professional rather than curious students. Dutch law allows prison sentences of up to six years for such hacks. DUWO has now decided to switch back to analog machines, expected in mid-September.
Image by Brian J. Trom, from Unsplash
“ModStealer” Malware Targets Crypto Wallets, Evades Antivirus Detection
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Sarah Frazier Former Content Manager
ModStealer is a new cross-platform malware that evades antivirus tools, spreads through fake job ads, and steals crypto wallets credentials.
In a rush? Here are the quick facts:
- ModStealer spreads through fake job ads targeting developers.
- Malware steals crypto wallets, credentials, and configuration details.
- It bypasses antivirus detection using obfuscated NodeJS code.
The cybersecurity company Mosyle detected a dangerous new malware that steals sensitive information while evading detection from standard antivirus systems. The security community discovered ModStealer malware on VirusTotal nearly a month ago yet has gone unnoticed by major security engines.
The disguised NodeJS JavaScript file runs on victim computers without triggering any alerts from typical antivirus software.
The malware’s primary target is personal data. The researchers found a programming code which targets cryptocurrency wallets, login credentials, configuration details, and certificates.
The malware contains pre-programmed attacks against 56 browser wallet extensions, including Safari, which enables hackers to steal private keys, and account details.
ModStealer is also capable of clipboard capture, screen capture, and even remote code execution. “The first two are bad, but the latter can give attackers nearly complete control over infected devices,” Mosyle explained, as reported by 9to5Mac.
On macOS, the malware uses Apple’s own launchctl tool to embed itself as a LaunchAgent, giving it persistence on infected machines. The malware functions in stealth mode, collecting system data which it then transfers to a Finnish server connected to a German-based infrastructure. In this way it hides the attackers’ actual location.
9to5Mac reports that Mosyle believes ModStealer is part of a growing Malware-as-a-Service market, where professional hackers sell ready-made malware to less skilled criminals.
“For security professionals, developers, and end users alike, this serves as a stark reminder that signature-based protections alone are not enough,” Mosyle warns, as reported by 9to5Mac.
