In response to recent public outcry, Recall is getting new security accouterments. Will that be enough to quell concerns?

Source: Photo 12 via Alamy Stock Photo

Microsoft is adding new security measures to assuage widely publicized concerns over its new "Recall" AI feature. Some, though, still aren't convinced the company went far enough.

It's now just eight days until Microsoft releases Recall, a new artificial intelligence (AI)-driven program that will periodically take, store, and analyze screenshots of Copilot+ PCs as they're being used day-to-day. Recall is supposed to act like a kind of memory bank, allowing users to instantly find and reference things they've come across recently: apps, websites, images, and documents.

From the outset, Recall has been criticized as a potential goldmine for personal data theft. The noise got loud enough that, on Friday, Microsoft announced three new security-oriented updates for it:

*   In a reversal of its initial stance, Microsoft will now ship Recall turned off by default.
    
*   Users will need to enroll in Windows Hello in order to enable it, and so-called "proof of presence" will be required to use its primary features.
    
*   Recall data will be encrypted, and only decrypted and accessible once a user authenticates via Windows Hello.
    

Though they may represent a step in the right direction, experts remain skeptical that these changes will be enough to protect users' most sensitive passwords, photos, personally identifying information (PII), and financial information from hackers.

**Risks in Recall: A Case Study**

Many security experts cringed when Recall was announced, but few more than Marc-André Moreau, CTO of Devolutions. He worried that Windows' newest toy would inevitably capture and store visible passwords from his company's software for managing remote connections. With such passwords in hand, hackers would be able to easily connect to and manipulate any victim PC.

"Looking at documentation for how Recall works," he recalls, "it literally said that it wouldn't make an effort of removing sensitive information, credentials, or PII — anything which you would want scraped out, it would just keep in local files."

Microsoft's logic, it seemed, was that because Recall screenshots were stored only on the user's machine, they would remain safe from remote access. "Microsoft has this new chip which makes it possible to do the processing locally, and they thought that everybody would be fine since the data isn't uploaded to the cloud," Moreau explains. "But you wouldn't install a keylogger on your machine just because the files are stored locally. Files can be grabbed by malware. So why would you enable Recall?"

To demonstrate the point, he performed a simple red team exercise. In his telling, "I didn't have to do much. I just set up an environment, used some tool that somebody made online to force-install it, and then I installed \[Devolutions'\] Remote Desktop Manager. I clicked 'view password,' then 'record,' and then I found the database. I opened it, and I could see the extracted password alongside the screenshot that includes the password."

> Here's Recall capturing temporarily visible passwords from Remote Desktop Manager in a test Azure VM. It's less effective that I would have thought, the search results are screenshots, and it's unclear how one can obtain the full OCR text it used for the match pic.twitter.com/RUiLs57bKz  
> — Marc-André Moreau (@awakecoding) June 3, 2024

Other researchers have also found simple ways of accessing sensitive data in Recall screenshots. One has already developed and released an open source tool to help speed up the job.

To try to protect his customers, Moreau next looked for a way to exclude his company's software from Recall by default. He came up short.

**Are Microsoft's New Updates Enough?**

Users will have more control over their data privacy now, thanks to Microsoft's turning off Recall by default.

Moreau is skeptical, though, that Windows Hello can be fully and properly integrated into Recall without delaying its preview release, which is mere days away. "I'm in software, things don't happen that fast," he says.

Dark Reading reached out to Microsoft for comment on how it will be able to marry Windows Hello and Recall in time for June 18. In response, Microsoft said in a statement: "As we shared in our May 3 blog, security is our top priority at Microsoft, in line with our ⁠Secure Future Initiative (SFI), and we are evaluating Recall through that lens. As we implement SFI across Microsoft, we may shift some feature release dates and will update our public roadmaps as this happens."

In the barely a month since that blog post, and Satya Nadella's letter "prioritizing security above all else," for some critics, Recall recalls other AI products that are getting rushed to market.

Ironically, AI could well solve these programs' most pressing security flaws. "I could upload a Recall screenshot to ChatGPT today and tell it to identify the data which looks sensitive, and it will be able to," Moreau notes. "They could have used their AI chip to help solve this \[data leakage\] but they didn't even try. They were too eager to ship."

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Microsoft Modifies 'Recall' AI Feature Amid Privacy, Security Failings

The threat environment will continue to grow in complexity. Now is the time for organizations to streamline how they manage and mitigate overlooked vulnerabilities.

Source: Stephen Parker via Alamy Stock Photo

According to Coalition's research, Common Vulnerabilities and Exposures (CVEs) are expected to increase by 25% in 2024 to a shocking height of 34,888 vulnerabilities, or roughly 2,900 per month. As attack surfaces continue to expand rapidly, business leaders face mission-critical choices in increasing their cyber defenses to improve vulnerability warning, patch management, and incident response.

Through our honeypot data and view into our cyber insurance policyholders' attack surfaces, security tools, and workflows, Coalition has identified the key technology choices that place businesses at risk — as well as the choices that are proving most effective.

**Short-Sighted Business Choices**

Several factors contribute to the current state of weak vulnerability management, making organizations more susceptible to cyberattacks.

First, companies often leave security teams under-resourced and overworked. These cyber workforce challenges — from worker shortages and cyber skill gaps to security burnout — continue weighing down security teams. Information security professionals are enduring extreme alert fatigue, inhibiting their ability to quickly track, patch, and remediate vulnerabilities.

Second, choosing to use disparate flagging systems keeps critical information on the latest threats siloed. Companies and their customers are at risk because key resources are managed separately: The National Institute of Standards and Technology's (NIST) Common Vulnerability Scoring System (CVSS) scores, the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) Catalog, and miscellaneous (and often belated) security advisories from vendors all come from distinct sources. The onus then is transferred to each organization to stay on top of all these different information sources. Worse, now that NIST is facing major backlog issues, its National Vulnerability Database can no longer be seen as a source of truth, complicating the picture further.

Third, companies don't always put business resources into closing the talent gap. ISC2 found that while the cybersecurity workforce grew 8.7% year over year in 2023, the workforce gap grew an additional 12.6%. Supply is outpacing demand, and security teams are simply strapped.

Finally, choosing to ignore technical debt keeps old and outdated software a high-risk target. Legacy technologies and companies' massive lists of technology subscriptions not only take up security budgets, but they also expand businesses' attack surfaces. Many businesses don't have the budget to explore new security tools or approaches because they are weighed down by technical debt.

**Risky Technical Choices**

Security teams must make smarter choices about the overlooked risks threat actors continue to successfully target and exploit year after year: unpatched vulnerabilities, Internet-exposed technologies, and end-of-life (EOL) technology.

First, understand that vulnerabilities can turn seemingly small software flaws into active attacks, so putting off patching is a risky decision. In a recent example, a nation-state attack from a North Korean threat group targeted a Windows zero-day vulnerability left unpatched for six months. This vulnerability's scale and business impacts are still unknown but pose a massive, ongoing risk for organizations.

Second, organizations need to pay more attention to their easily exploitable, Internet-exposed technologies. For example, Coalition found scans from unique IP addresses looking for Remote Desktop Protocol (RDP) increased by 59% from January 2023 to October 2023, indicating that cybercriminals are still targeting this vulnerable technology to gain operating system access.

Finally, companies often decide to keep outdated and EOL technologies running until they break down completely — or get penetrated. Threat actors upped their attacks on outdated, out-of-date software this last year. Coalition's report found that 10,000 businesses are running EOL database Microsoft SQL Server 2000, while over 100,000 businesses are running EOL Microsoft SQL servers. If left unaddressed, outdated technology and technical debt will cost organizations in the US trillions of dollars in the coming years.

As threat actors continue to search for the easiest risks to exploit and monetize, strengthening an organization's cyber resilience can be as simple as identifying the most easily addressable risks.

**Smarter Choices for Security Teams**

Our research shows that choosing to implement a few leading solutions improves vulnerability management and will continue to do so in the foreseeable future.

First, security professionals can leverage threat intelligence tools, like honeypots, to identify hackers' tactics, techniques, and procedures. These tools help serve as an early warning system for new threats. For example, Coalition uncovered cybercriminal activity related to the 1,000% 2023 MOVEit vulnerability spike in mid-May, two weeks before Progress Software and CISA issued their advisories. This early alerting helped our policyholders remediate the vulnerability and avoid related cyber incidents and impending cyber insurance claims. Meanwhile, the vulnerability cost the broader cyber ecosystem $15.6 billion.

Second, defenders should employ artificial intelligence (AI) to help them generate and contextualize alerts across the security ecosystem. While the cyber industry works to overcome the cybersecurity risks of AI, vendors are also finding new ways to battle adversaries with the technology. For example, Coalition's Exploit Scoring System incorporates multiple data sets and analyzes them with AI to help companies manage and prioritize risk mitigation.

Finally, remember to pair continuous threat detection and response management with a human traffic guard. The human power of security teams will lift cogent businesses over risky ones. While AI and machine learning are key to catching vulnerabilities, patching with intelligence requires people — strategic human partners who can act on the AI's automated insights.

**About the Author(s)**

Vice President of Research, Coalition

Tiago Henriques has had a rich career across the cybersecurity industry as an entrepreneur, CEO, pen tester, security analyst and auditor. In 2015 he founded BinaryEdge, a cybersecurity company specializing in enterprise infrastructure scanning and attack surface management. Since Coalition's acquisition of BinaryEdge in 2020, Tiago led customer security efforts across the organization as Director of Engineering for Security, recently becoming Vice President of Research.

Making Choices that Lead to Stronger Vulnerability Management

Cryptocurrency users beware: A malicious ComfyUI node steals sensitive data like passwords, crypto wallet addresses, etc. Stay safe…

Cryptocurrency users beware: A malicious ComfyUI node steals sensitive data like passwords, crypto wallet addresses, etc. Stay safe by using reputable sources and enabling two-factor authentication.

Cryptocurrency enthusiasts, beware! Security researchers at VPNMentor have reported a malicious custom node on the popular Stable Diffusion user interface_,_ ComfyUI to steal sensitive data like passwords, credit card details, and crypto wallet addresses.

According to VPNMentor’s report shared with Hackread.com, this malicious custom node, dubbed “ComfyUI\_LLMVISION,” has been uploaded by a user named “u/AppleBotzz” on Reddit, and is potentially putting users at risk by stealing sensitive data.

Another Reddit user, u/\_roblaughter\_, discovered and reported it after noticing login attempts on their accounts after installing the compromised node.

For your information, the ComfyUI interface is designed for workflow customization and productivity enhancement, enhancing user experience and productivity when working with the powerful AI text-to-image generation model. It, by default, uses Python-built mini-programs called custom nodes to extend its functionality, automate tasks, perform computations, or connect to external services not natively supported by ComfyUI.

“ComfyUI\_LLMVISION” presents itself as a user-friendly ComfyUI extension but in reality, it is programmed to steal sensitive data like passwords, credit card details, and browsing history, and transfer it to the attacker’s Discord server.

According to VPNMentor’s investigation, ComfyUI\_LLMVISION’s installation on ComfyUI forces the Python package manager to install several packages, including malicious versions of OpenAI and anthropic Python. 

Within these limitations, a function runs an encoded PowerShell command, which downloads the third stage of the malware and runs it. The second stage can steal crypto wallets, screenshot the user’s screen, steal device information, get IP info, and steal files with specific keywords or extensions.

It becomes hard to detect since it is concealed within custom install files for OpenAI and Anthropic libraries. However, it must be noted that ComfyUI remains secure. 

The incident highlights the need for caution when integrating third-party components into AI workflows. Recent developments, like the sale of FraudGPT or WormGPT and hijacked Bing chat responses, show the versatile nature of risks associated with AI advancements.

To protect against risks associated with open-source, third-party AI tools, exercise caution when downloading and installing custom nodes or extensions, prefer reputable repositories and developers, regularly scan systems for malware, and use strong, unique passwords for all online accounts. Enabling two-factor authentication can further enhance security. 

1.  VMCONNECT: Malicious PyPI Package Mimick Python Tools
2.  AMOS Stealer Variant Targets Safari Cookies, Crypto Wallets
3.  New Malware “BunnyLoader 3.0” Steals Credentials and Crypto
4.  Python in Threat Intelligence: Analyzing, Mitigating Cyber Threats
5.  JaskaGO Malware Targets Mac, Windows for Crypto, Browser Data

Malicious Node on ComfyUI Steals Data from Crypto, Browser Users

Plus: A media executive is charged in an alleged money-laundering scheme, a ransomware attack disrupts care at London hospitals, and Google’s former CEO has a secretive drone project up his sleeve.

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

At Apple’s Worldwide Developer Conference next week, the company will reportedly announce its own stand-alone password manager that will compete with apps like 1Password and LastPass. Dubbed simply Passwords, according to Bloomberg News, the app will reportedly have features that go well beyond the iCloud or Mac Keychain tools Apple already offers, allowing users to save passwords for Wi-Fi networks, store passkeys, and organize login credentials into categories. Passwords will also reportedly work on Windows machines, but it’s unclear whether people who use Android devices can get in on the security tool.

**Epoch Times Executive Charged With Money Laundering**

US prosecutors on Monday charged an executive at The Epoch Times newspaper with carrying out a massive money-laundering scheme. According to the US Department of Justice, Epoch Times chief financial officer Weidong “Bill” Guan engaged in “a transnational scheme to launder at least approximately $67 million of illegally obtained funds to benefit himself and the media company.”

The scheme, according to the indictment against Guan, largely involved using cryptocurrency to purchase prepaid debit cards “loaded with US dollars that had been obtained through various frauds”—including funds obtained through unemployment benefits fraud—for less than the funds on the prepaid debit cards. The purchase of the cards was carried out by members of The Epoch Times’ “Make Money Online” team, which Guan managed, according to the DOJ. The so-called MMO team would allegedly then use “stolen personal identification information” to open various accounts, which were used to transfer money from the prepaid debit cards to bank accounts associated with The Epoch Times and its employees. Guan faces one count of conspiring to commit money laundering, two counts of bank fraud, and could face decades in prison if convicted.

**Eric Schmidt Ramps Up His Secret AI Military Drone Business**

Google’s former CEO, billionaire Eric Schmidt, is quietly building a military drone company, reports Forbes. The company, called White Stork, has been testing devices at both its Hillspire office complex in Menlo Park, California, and in Ukraine. Relatively little has been publicly revealed about the company or the specifics of its technology. According to Forbes, however, “individuals flying small drones” have been spotted near the Hillspire property, and Schmidt has reportedly hired alumni from Google, SpaceX, and Apple to carry out his secretive project, providing some clues about its ambitions.

**Russian Cybercriminals Blamed for London Health Care Ransomware Attack**

A cyberattack against an organization that facilitates blood transfusions and other sensitive medical care disrupted hospitals and other health care entities across London this week. The attack targeted Synnovis, which manages a partnership between King’s College Hospitals trust and Guy’s and St Thomas’ hospital trust, and Synlab, a European medical testing firm. In a statement published on Tuesday, Synnovis said the attack “has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services.” This forced hospitals to cancel surgeries involving blood transfusions and other procedures. Ciaran Martin, a former top UK cybersecurity official, blamed the attack on Qilin, a cybercriminal gang believed to have ties to Russia.

Apple Is Coming for Your Password Manager

Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.
The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.
According to DEVCORE security researcher, the shortcoming makes

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

Spanish speakers beware! A new campaign using the Agent Tesla RAT targets Spanish-speaking individuals. Learn how to protect…

Spanish speakers beware! A new campaign using the Agent Tesla RAT targets Spanish-speaking individuals. Learn how to protect yourself from this and other malware attacks.

FortiGuard Labs has discovered a phishing campaign targeting Spanish-speaking individuals to spread a new Agent Tesla malware variant. The campaign uses various techniques to target Windows-based systems and deliver the core module, including MS Office vulnerabilities, JavaScript code, PowerShell code, and fileless modules, wrote FortiGuard Labs’ researcher Xiapeng Zhang in their report.

****Here is how the attack works:****

A Spanish-language phishing email posing as a SWIFT transfer notification from a large financial institution is sent to MS Windows users. The email, translated into English, appears to be a message with a disguised Excel attachment in OLE format with crafted embedded data that exploits the CVE-2017-0199 vulnerability. 

The attachment contains an embedded OLE hyperlink, opened automatically once the victim starts the Excel file. Later, it automatically downloads an RTF document, which is opened by the Word program.

The phishing email and the embedded OLE hyperlink to an online RTF document (Credit: FortiGuard Labs)

Another vulnerability exploited in this attack is CVE-2017-11882, a Remote Code Execution vulnerability in Microsoft Office’s Equation Editor component, allowing attackers to execute arbitrary code on a victim’s computer by overriding a return address in the stack.

This Agent Tesla variant is a powerful, versatile 32-bit, .NET-based Remote Access Trojan (RAT) granting attackers complete control over infected devices.  Once installed, it can steal sensitive information from 80 software applications, focusing on login credentials, banking details, and email contacts.

Additionally, it checks if the email client is Thunderbird, cookies from a wide range of web browsers such as Chromium-based and Mozilla-based browsers, system clipboard data, computer name, OS/CPU/RAM information, and saved credentials. It can also spy on you by capturing keystrokes and screenshots. The malware is assigned a critical severity level. 

As per the report published by FortiGuard Labs, the Agent Tesla core module is a fileless module downloaded by a malicious JavaScript base64-encoded Powershell code as a normal JPG file from this URL:

    uploaddeimagens[.]com[.]br/images/004/773/812/original/js.jpg?1713882778.

This module is never saved in the local folder, making it difficult for researchers to detect. Surprisingly, this variant uses FTP protocol for data submission, unlike past variants that used HTTP POST and SMTP protocols.

Moreover, it “detects whether it’s running in an analysis environment, like sandboxes, virtual machines, etc., or where there is AV software running, like Avast, Comodo, etc.,” Zhang noted.

To stay protected, be cautious of phishing emails, update the operating system regularly, use strong passwords, and invest in reputable anti-malware solutions.

1.  Agent Tesla, Taskun Malware Targeting US Education Orgs
2.  Agent Tesla variant steals passwords from, browsers, VPNs
3.  Konni RAT Exploiting Word Docs to Steal Data from Windows
4.  Agent Tesla Variant Uses Excel Exploit to Infect Windows PCs
5.  Hackers Use Word documents to drop NetSupport Manager RAT

New Phishing Campaign Uses Stealthy JPGs to Drop Agent Tesla

Failing to properly encode user input, notifications shown in modal windows in the TYPO3 backend are vulnerable to cross-site scripting. A valid backend user account is needed in order to exploit this vulnerability.

**TYPO3 Cross-Site Scripting in Backend Modal Component**

Moderate severity GitHub Reviewed Published Jun 7, 2024 to the GitHub Advisory Database • Updated Jun 7, 2024

GHSA-7q33-hxwj-7p8v: TYPO3 Cross-Site Scripting in Backend Modal Component

After weeks of withering criticism and exposed security flaws, Microsoft has vastly scaled back its ambitions for Recall, its AI-enabled silent recording feature, and added new privacy features.

When Microsoft named its new Windows feature Recall, the company intended the word to refer to a kind of perfect, AI-enabled memory for your device. Today, the other, unintended definition of “recall”—a company's admission that a product is too dangerous or defective to be left on the market in its current form—seems more appropriate.

On Friday, Microsoft announced that it would be making multiple dramatic changes to its rollout of its Recall feature, making it an opt-in feature in the Copilot+ compatible versions of Windows where it had previously been turned on by default, and introducing new security measures designed to better keep data encrypted and require authentication to access Recall's stored data.

“We are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall,” reads a blog post from Pavan Davuluri, Microsoft's corporate vice president for Windows and devices. “If you don’t proactively choose to turn it on, it will be off by default.”

The changes come amid a mounting barrage of criticism from the security and privacy community, which has described Recall—which silently stores a screenshot of the user's activity every five seconds as fodder for AI analysis—as a gift to hackers: essentially unrequested, preinstalled spyware built into new Windows computers.

In the preview versions of Recall, that screenshot data, complete with the user's every bank login, password, and porn site visit would have been indefinitely collected on the user's machine by default. And though that highly sensitive data is stored locally on the user's machine and not uploaded to the cloud, cybersecurity experts have warned that it all remains accessible to any hacker who so much as gains a temporary foothold on a user's Recall-enabled device, giving them a long-term panopticon view of the victim's digital life.

"It makes your security very fragile,” as Dave Aitel, a former NSA hacker and founder of security firm Immunity, described it—more charitably than some others—to WIRED earlier this week. “Anyone who penetrates your computer for even a second can get your whole history. Which is not something people want.”

In addition to making Recall an opt-in feature, Microsoft’s Davuluri also writes that the company will make changes to better safeguard the data Recall collects and more closely police who can turn it on, requiring that users prove their identity via its Microsoft Hello authentication function any time they either enable Recall or access its data, which can require a PIN or biometric check of the user’s face or thumbprint. Davuluri says Recall’s data will remain encrypted in storage until the user authenticates.

All of that is a “great improvement,” says Jake Williams, another former NSA hacker who now serves as VP of R&D at the cybersecurity consultancy Hunter Strategy, where he says he's been asked by some of the firm's clients to test Recall's security before they add Microsoft devices that use it to their networks. But Williams still sees serious risks in Recall, even in its latest form.

Many users will turn on Recall, he points out, partly due to Microsoft’s high-profile marketing of the feature. And when they do, they’ll still face plenty of unresolved privacy problems, from domestic abusers that often demand partners give up their PINs to subpoenas or lawsuits that compel them to turn over their historical data. “Satya Nadella has been out there talking about how this is a game changer and the solution to all problems,” Williams says, referring to Microsoft's CEO. “If customers turn it on, there’s still a huge threat of legal discovery. I can’t imagine a corporate legal team that’s ready to accept the risk of all of a user’s actions being turned over in discovery.”

For Microsoft, the Recall rollback comes in the midst of an embarrassing string of cybersecurity incidents and breaches—including a leak of terabytes of its customers' data and a shocking penetration of government email accounts enabled by a cascading series of Microsoft security slipups—that have grown so problematic as to become a sticking point given its uniquely close relationship with the US government.

Those scandals have escalated to the degree that Microsoft's Nadella issued a memo just last month declaring that Microsoft would make security its first priority in any business decision. “If you’re faced with the trade-off between security and another priority, your answer is clear: **Do security**,” Nadella's memo read (emphasis his). “In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems.”

By all appearances, Microsoft's rollout of Recall—even after today's announcement—displays the opposite approach, and one that seems more in line with business as usual in Redmond: Announce a feature, get pummeled for its glaring security failures, then belatedly scramble to control the damage.

Microsoft Will Switch Off Recall by Default After Security Backlash

Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant.
The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

A security vulnerability in Ariane Allegro Hotel Check-In Kiosks exposed guest data and potentially compromised room access. However,…

A security vulnerability in Ariane Allegro Hotel Check-In Kiosks exposed guest data and potentially compromised room access. However, a patch has been developed and is now available to address this issue, enhancing the security of the system

Pentagrid, a Swiss cybersecurity firm, recently uncovered a vulnerability in Ariane Allegro Scenario Player, a widely used software program in hotel check-in kiosks. The vulnerability could allow someone to exit the kiosk’s intended use (kiosk mode) and access the underlying Windows Desktop OS. 

The software vendor, Ariane Systems, is a world leader in self-check-in and out solutions, serving 3,000 hotels and 500,000 rooms in over 25 countries. 

During a threat modelling workshop at a hospitality brand in Liechtenstein and Switzerland, Pentagrid’s Martin Schobert revealed that the app crashed in Kiosk mode after entering a single quote character into the guest search. 

The hotel brand uses this check-in terminal, likely a type Ariane Duo 6000 series, for smaller locations to facilitate room booking/check-in, initiate payment via a POS terminal, provision RFID transponders to open the booked hotel room, and print invoices.

Schobert found that guests/users have to search for room reservations by entering booking code or surname. If the name contains a single-quote, such as “O’YOLO,” the application hangs, the Windows OS prompts the user to wait or stop the task, and selecting stop terminates the kiosk mode application.

Screenshot: Pentagrid

When stopped, the Windows OS becomes accessible, which may have adverse consequences. such as allowing hotel network attacks, access to data stored on the terminal, including PII, reservations, and invoices, and RFID transponder allowing room keys to be created for other rooms. However, to exploit the flaw, the user must have physical access to the system, and the terminal must be in a self-service state, which hotels typically enable during specific times.

A CVE for the vulnerability is yet to be assigned whereas Kiosk Mode Bypass severity has been given as 6.3 (Medium). The vulnerability, discovered in March 2024, was promptly communicated to the vendor.

Ariane Systems clarified that these are “legacy systems,” in which the USB ports are disabled and “no PII or exploitable data can be retrieved from the kiosk.” Moreover, it believed the hotel must be using an outdated version of the software. However, Pentagrid asserted that the system’s design lets “the kiosk produces and keeps accessible invoice files.”  

Nevertheless, Ariane Systems confirmed the issue has been fixed. However, the exact version fixing the issue isn’t publicly known. Hackread suggests contacting the vendor directly for clarification and installing the latest version immediately to stay protected. 

John Bambenek, President of Cybersecurity and Threat Intelligence Consulting firm Bambenek Consulting commented on the issue emphasising the dangers of the potential access to victims’ rooms in domestic violence cases, theft of credit card data due to terminals doubling as POS devices.

_“_The biggest risk involves various domestic violence and stalking scenarios where unwanted guests could get keys to open a victim’s room. As these devices are also used as POS terminals to facilitate payments of hotel rooms, presumably the biggest risk there is stolen credit card information._“_

_“_The underlying issue seems to be that the specific terminals at this specific location had the vulnerability (albeit, a very simple one to find) and later versions did not. Kiosks tend to be “set and forget” devices which means operators may not know they need to be updated on a routine basis…or if they are updated at all,_“_ he added.

_“_These devices probably cannot be completely isolated from the main hotel network as part of the point is to issue keys and handle room management, however, the devices should be limited to sending only required machines and ports with everything else filtered,_“_ Bambenek advised.

1.  Vietnamese Group Hacks and Sells Bedroom Camera Footage
2.  Hotel reservation platform leaked data from online booking sites
3.  Vulnerability Exposed Ibis Budget Guest Room Codes to Hackers

Tag

#windows