July 26, 2013
Hacker Barnaby Jack Dies Unexpectedly
Lee Rannals for redOrbit.com - Your Universe Online
Barnaby Jack, a famous hacker who demonstrated in 2010 how ATM machines can be forced to dish out pay dirt, died in San Francisco on Thursday.
The hacker was in his mid-30s and was due to appear at the Black Hat hacking convention in Las Vegas next week. He was going to be demonstrating techniques for remotely hacking implanted heart devices; a technique that he said you could use to kill a man from 30 feet away.
Jack was most recently working at the security firm IOActive Labs. He really rose to infamy when he demonstrated how an ATM flaw could be manipulated to spit out cash. According to Reuters, the hacker was poised to present a way to attack heart patients by hacking into a wireless communications system that links implanted pacemakers and defibrillators with bedside monitors that gather information about their operations.
Barnaby did not reveal the maker of the pacemaker he was using in his demonstration, but did say he was talking with the company to figure out a way to prevent malicious attacks.
"Lost but never forgotten our beloved pirate, Barnaby Jack has passed," IOActive wrote in a Tweet. "He was a master hacker and dear friend. Here's to you Barnes!"
BBC reported that Jack told the British news agency last year that he found flaws in widely-used insulin pumps which allowed him to compromise the devices. He said the hack made it possible to control the pumps and administer a fatal level of insulin.
"My purpose was not to allow anyone to be harmed by this because it is not easy to reproduce," he told the BBC during an interview in April 2012. "But hopefully it will promote some change in these companies and get some meaningful security in these devices."
The Black Hat computer security conference will be taking place on July 31. This year, Security Research Labs (SRL) founder and cryptographer Karsten Nohl will be presenting findings about the vulnerability of millions of SIM cards. This flaw allows hackers to obtain the SIM card's 56-digit digital key in order to help them modify the chip remotely. Grabbing this key allowed Nohl to text malware, eavesdrop on calls, make purchases through mobile payment systems and impersonate the owner of the phone.