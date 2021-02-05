Within companies, some Nespresso coffee dispensers work with contactless Mifare Classic cards, which are extremely easy to hack.

Among the Nespresso coffee machines, there are models dedicated to companies operating with a contactless card that can be credited. In a blog post, hacker Polle Vanhoof showed that it is possible to hack these cards quite easily and modify the credit they contain as desired.

Indeed, some Nespresso contactless cards are of the Mifare Classic type, an RFID standard created by NXP Semiconductor known for its great vulnerability. The confidentiality of stored data is indeed based on an encryption algorithm (Crypto1) which was broken… in 2008. In a few seconds, Polle Vanhoof therefore exported the data in clear from a card and analyzed them. By comparing two different exports of the card, he was able to locate the three-byte memory area on which the credit is encoded.

All the hacker needed to do next was edit the exported data and reload it on the card. He obviously chose the maximum possible: 167,772.15 euros. Enough to drink coffee for many years.

According to the expert, there are two solutions to this problem: use contactless cards with better security, or have the credits stored at a server level. Nespresso reported having these types of solutions in the catalog. We must hope that the supplier no longer sells Mifare Classic cards!

Source : Blog Note