Thieves of the future will look back on today's stick-up artists and have a good old belly laugh. Why would anyone ever rob a cashier with a gun, when all that is needed is a smartphone?
Matt Bergin, a security consultant at Core Security, discovered he could hack a cash register remotely, popping it open, by sending two digits from his smartphone to the service running on the cash register's point-of-sale system. No gun or holdup note was required. He was able to do so through a vulnerability in Xpient, which makes point-of-sale software that runs on cash drawers.
"It was extremely trivial," Mr. Bergin said in an interview Wednesday. He reverse-engineered Xpient's point-of-sale system, expecting that to interact with it he would have to crack a password or break through a layer of encryption. To his surprise, he encountered neither. By simply sending a two-digit code from his phone to the point-of-sale system, he discovered he could pop open the cash register remotely.
Christopher Sebes, the chief executive of Xpient, said in an interview Thursday that the company had issued a patch for the vulnerability, which Xpient customers can download to their systems. Mr. Sebes noted that customers who had a Windows firewall switched on would be protected from the hack, regardless of whether they had downloaded the patch. He also noted that someone could just as easily pop open a cash register by physically hitting the "No Sale" button on the register itself.
Increasingly, criminals are finding ways to use digital tactics for physical theft. In February, thieves stole $45 million from thousands of New York City A.T.M.'s in a few hours using a few keystrokes. It was one of the largest heists in New York City history, the authorities said, on par with the 1978 Lufthansa robbery at Kennedy Airport that inspired a scene in the 1990 film "Goodfellas."