How Teens Hacked Boston Subway
Four students from Medford High School managed to hack the Boston Subway system to get free rides, thanks to a leaked hackers’ presentation from 2008. The teenagers stumbled upon this information and decided to test if this scheme was still operational in 2023.
Exploring the Hack
Historically, paper tickets were vulnerable to hacking. However, advancements in technology led to the introduction of RFID contactless Charlie cards, storing around 1 kilobyte of data. Despite the upgrade, the students discovered a loophole that allowed them to manipulate the cards.
Exploiting Vulnerabilities
The ingenious teens figured out how to load the cards with any desired amount of money or mimic various passes, including discounted student cards, senior citizen cards, and even MBTA employee cards for unlimited free rides. They highlighted that the MBTA had not addressed the vulnerabilities they identified and appeared to be waiting for the new ticketing system scheduled for 2025.
Despite their unauthorized actions, the incident sheds light on the importance of robust cybersecurity measures and continuous updates to prevent such hacks.
Sumsub, a vital player in empowering compliance and anti-fraud efforts, plays a crucial role in fighting money laundering, terrorist financing, and online fraud. With their expertise, Sumsub aids organizations in securing their systems against such breaches.
Positive actions, such as Sumsub’s dedication to enhancing cybersecurity efforts, can help thwart potential digital threats and ensure a safer online environment for all.