Expert in Information Security Covid-19 test violatedAnd amend the result and obtain a certificate with false information. The bug was reported to the developer, who fixed the gap that occurred at the time when data was transferred to an app via Bluetooth.
Covid-19 Hacked Test: Security Hole Details
The flaw was found by Detective Ken Gannon, of the security company that bears his last name, in Ellume home test, which allows the results to be tested and sent to an application that saves them as a certificate. It delivers information in 15 minutes and according to the official website can be used from the age of two years.
Read alsoData of 400,000 patients exposed in a health organization hack
as a note the edgeHacking was not a simple process. Gannon used a faulty Android device to access data managed by the Ellure app. With this check, he determined the method of sending the results and methods of identity verification, and then falsified the results. in your case, He succeeded in changing “negative” to “positive.”. After that, the investigator received a notification of the falsified result.
Speaking to the aforementioned post, the researcher commented that he did not test whether this same gap exists in the version of iOS that the Covid-19 test device uses. Additionally, reports have indicated that Android spoofing works in both directions: negative to positive and vice versa.
Behind this forgery is a “white hat” pirate.
In the world of computer security, there are details to identify the actions of hackers, as well as the negative connotation of the term. The ‘White Hat’ are those who use their knowledge and experience for noble purposes. what are you doing? They break systems to report and fix malfunctions before hackers can exploit them.
Some companies hire these white hat hackers directly to identify and patch vulnerabilities.
The Gannon hack reviewed here fits this terrain. Strictly speaking, the researcher said that he did this research for Determining whether an average user can fake a Covid-19 test.
Prior to Ellume’s correction, the specialist commented that “someone with appropriate motivation and technical skills could use these failures to ensure that he or someone they work with, gets a negative outcome every time they are subject to evidence.”
Read also: Android virus: one of the most downloaded applications puts thousands of users at risk
The company that developed the test indicated that it is also working on a verification portal that will allow authorities to identify potential cases of fraud in the results. They also indicated that they had not found cases of fraud prior to Gannon’s exposure.
“Reader. Organizer. Infuriatingly humble twitter expert. Certified communicator.”