This is becoming a buzz in Belgium in this holidays period and all media are busy to relay it: One of the biggest advertising panel in Brussels has been hacked! Sitting on top of a building, Place de Broeckere, it is well known from the people of Brussels. If it is usually displaying Coca-Cola ads, it started to display funny pictures on the 8th of December (a video is available here).
It seems that an official complaint has been filled by the City of Brussels and Coca-Cola. It looks funny to change pictures on a big screen seen by many people but it remains an illegal action. What about the access? Based on the information gathered here and there, it seems that the guys behind the “hack” (note the quotes) had a physical access to the building, they were able to access the computer through an unsecured roof hatch. By having access I meant they were able to put their hands on the computer. Some questions popped in my mind:
- Why was the physical access not enforced?
- Why the computer was located close to the panel?
- Why was the computer not hadrned?
There is absolutely no magic behind this “hack“. Keep in mind, if bad guys have a physical access to a device, consider it as compromized…
Yesh, why was the computer not hadrned? – Poshibly becaush the hadrners were (hic) slightly tipshy?
@xme https://t.co/GraD7hKi4t
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
@xme @DEYCrypt I just hacked my PC (typed a tweet into https://t.co/QDfIdXekx0)
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1
RT @xme: [/dev/random] Physical Access == Pwn3d! https://t.co/kC3ZGVsTB1