26 June 2008 | 41,405 views

Hackers Crack London Tube Oyster Card

Check Your Web Security with Acunetix

It just goes to show, having an aluminium lined wallet could really be useful! Hackers in the Netherlands found they could clone an access card using the Mifare chip, after that they traveled to London to try their technique out on the Oyster card (used on the London Underground), which uses the same chip.

It just goes to show…implementation of these cards really isn’t good yet.

Dutch security researchers rode the London Underground free for a day after easily using an ordinary laptop to clone the “smartcards” commuters use to pay fares, a hack that highlights a serious security flaw because similar cards provide access to thousands of government offices, hospitals and schools.

There are more than 17 million of the transit cards, called Oyster Cards, in circulation. Transport for London says the breach poses no threat to passengers and “the most anyone could gain from a rogue card is one day’s travel.” But this is about more than stealing a free fare or even cribbing any personal information that might be on the cards.

Oyster Cards feature the same Mifare chip used in security cards that provide access to thousands of secure locations. Security experts say the breach poses a threat to public safety and the cards should be replaced.

Apparently they can only use the cloned card for one day’s travel, but still…what would stop them from doing it every day?

Or cloning an access card to a more important place and wreaking some havoc there.

The hackers scanned one of the Underground’s many card readers to collect the cryptographic key that purportedly keeps the system secure. The keys were uploaded to a laptop, essentially turning them into portable card readers. The hackers then brushed up against passengers to wirelessly upload the information on their Oyster cars. That information in hand, it was a simple matter of using it to program new cards.

Jacobs says the same technique can clone smartcards that provide access to secure buildings. “An employee can be cloned by bumping into that person with a portable card reader,” he told the Times. “The person whose identity is being stolen may then be completely unaware that anything has happened. At the technical level there are currently no known countermeasures.”

So break out your tinfoil hats and alumnium hats, the smartcard hackers are coming to a building near you soon.

The Dutch government are taking this VERY seriously, planning to replace all 120,000 smart cards used by their employees for access. That will be an expensive excercise.

I wonder will Oyster make any changes following the media coverage on this?

And what rights does a consumer have after their card is cloned and their credit used, are they insured? Would they even notice? Who’s responsiblity is it?

Source: Wired Blog (Thanks to razta).



Recent in Cryptography:
- CloudFlare Introduces SSL Without Private Key
- StegExpose – Steganalysis Tool For Detecting Steganography In Images
- Important OpenSSL Patch – 6 More Vulnerabilities

Related Posts:
- The Black & White Ball UK – Whitehat vs Blackhat
- crack.pl – SHA1 & MD5 Hash Cracking Tool
- Retarded E-mails – Crack Hotmail? Hack Facebook? Boyfriend Cheating?

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 46,846 views
- Hackers Crack London Tube Oyster Card - 41,405 views
- WPA2 Vulnerability Discovered – “Hole 196″ – A Flaw In GTK (Group Temporal Key) - 31,478 views

Low-cost VPS Hosting

27 Responses to “Hackers Crack London Tube Oyster Card”

  1. Pantagruel 26 June 2008 at 7:12 am Permalink

    Yet another mifare chip bites the dust.

    Up to now the Dutch government has persisted in the project of the OV-card based on this mifare chip, even though it was proven vulnerable.
    I surely hope they will now see the ‘light’, accept the few million euro’s loss over this project ( the bad thing is it’s the people’s money they are spending not their own dosh) and postpone this OV-card untill a more secure card/chip can be implemented (after vigorously testing ofcourse)

  2. Marcus Watson 26 June 2008 at 7:40 am Permalink

    http://rfidiot.org/ is an excellent source of material on this, and was the tool used by Amsterdam University to find flaws in the Mifare Ultralight used on the Amsterdam Subway.

  3. Navin 26 June 2008 at 8:28 am Permalink

    why can the cloned cards be used only one day at most?? is that the validity of an original oyster card as well??

  4. Cor-Paul 26 June 2008 at 10:55 am Permalink

    Pantagruel I’m afraid the Dutch government will still refuse to see the light as they have already invested a large amount of money in the project. What I don’t understand is that all the security problems were known and indicated during the start of the OV (public transport) card project, but for some reason were put aside?

  5. razta 26 June 2008 at 5:32 pm Permalink

    Dutch hackers coming over onto our turf and telling us how its done, we should go over there and find a security hole in one of thier public systems. We could have a hacker turf war!

    On a more serious note…

    Isnt this the same technology the goverment wanted to use for the ID cards? Do you think the flaw the hackers found can be patched? Better encryption perhaps?

    Wish I lived in London, could get free transport all day long! Gona take a bigger interest in the metro system they use in my city, they dont use oyster cards here, they use magnetic strips.

  6. grav 28 June 2008 at 7:36 pm Permalink

    It seems like the same thing is being done with RFID (I think this is what its called?) chips. The cool thing about these chips is that they are being shrunk so much that they are approaching the microscopic level! I was reading in Popular Science or something about how they are getting embedded into new products. I also read about a store in Illinois that had started using these instead of price tags, as each chip stored the necessary tags such as price and stuff. Because of this, there was no need for check out because the chips were scanned automatically and the gross price was already calculated. However, a team of hackers was able to overwrite data on the chip, writing the data for a tube of toothpaste onto that of a really expensive wine.
    There are new uses for these chips, instead of credit cards, people could have the chips embedded in themselves. You can see how that will turn out : ).
    There are ethical implications too, what if this technology was already being used and being implanted in every baby as it was born? It would be undetectable (to the chipped person) and invasive to privacy, but “BIG BROTHER” would be able to keep tabs on us pretty easily…

  7. zupakomputer 30 June 2008 at 7:49 pm Permalink

    “What I don

  8. michael onome 1 July 2008 at 10:17 am Permalink

    Am very impressed with what you guys are doing. But how do i HACK TO LEARN. MIKE

  9. grav 1 July 2008 at 6:35 pm Permalink

    @ michael onome

    google is your best friend when learning any subject
    I found DarkNet through it a long time back
    Some instructional sites include:

    http://www.hackthissite.org
    (very good one – deals with hacking missions)

    http://www.hackerthreads.org/
    (a hacking forum – good articles and stuff)

    hope this helps
    I know what you are talking about though, DarkNet is more like a portal to hacking tools and has a bloggish feel

    (No offense DarkNet) : )

  10. razta 22 July 2008 at 8:18 pm Permalink

    UPDATE:
    Court rules Oyster hack can be revealed

    A Dutch judge has ruled that researchers can publish details of how to crack the Oyster card used on London’s public transport system.

    http://www.vnunet.com/vnunet/news/2222161/court-rules-oyster-hack

  11. Navin 23 July 2008 at 2:59 pm Permalink

    wow
    This is really great….sort of what hacking is all about…….The government/MNC designs a system…… some bloke at some university discovers a flaw…….reveals it and hopefuly the next generation of the system comes into effect sans this flaw.

    Definitely once the hack is revealed, NXP (the makers of the card) will get their experts working thru the night trying to figure out how to prevent card-cloning

    BTW @razta
    u said something abt magnetic strips……… can’t they be cloned in the same way that ATM cards can be copied?? I’ve read atleast 4-5 articles which have discussed ATM card cloning…..thts why they have a number code (password) to prove Ur identity to the ATM machine (coz the card data itself can be cloned …….and from wht I’ve read, pretty easily!!)

  12. daemch 23 July 2008 at 6:11 pm Permalink

    thanks for the links Grav. I’ve been looking for a few n00b sites to get my feet under me for about 3 days now. most of the info I’ve found as been aimed at the experienced hacker/security expert. I’m better than the average computer user, and I learn fast, but this is a steep learning cure to start.

    Anybody else have any suggestions on where to go to get basic starter info? About 60% of what I read at this point is over my head… which is about 50% better than I was doing a week ago. :)

    (still looking for active n00b/how-to/beginners forums)

    Thanks!

  13. daemoch 23 July 2008 at 6:33 pm Permalink

    Navin –

    I used to work for a cash register/POS and small article security company, and yes, you CAN clone magnetic strip cards. in fact, if you know the code you need, you just call a manufacturer and tell them what the code is, and how many you want, and they will make them for you and ship them to your door! its the same (basic) tech that is used for food service staff cards, hotel key cards, parking passes, etc.

    To put it in a scary/funny light: some where out there is a waitress with an employee ID card at her restaurant with the same ID as your ATM account number.

    as far as cloning someone’s ID though, I’m sure it could be done, but in my experience, you have to run the card through a reader. It’s too faint to be picked up by proximity like RF is, and it’s a linear code; you HAVE to read it front to back.

    Like my dad always told me: Locks are there to keep honest people honest.

  14. razta 24 July 2008 at 10:24 am Permalink

    @Navin
    Yes, you could probably clone them, however more often than not no one or machine checks the ticket anyway. So you can just not buy a ticket and hope for the best, Ive only been caught once. When I was caught they fined me

  15. Navin 24 July 2008 at 11:01 am Permalink

    hehe tht’s a great story razta….

    @daemoch
    wow man, may be you meant this as a joke but are you serious about the waitress thing?? I’m asking coz that seriously makes my bones shiver…..I always thought tha atleast during initial production, magnetic strips are unique (cloning them is a diff story). I thought that magnetic data was somewhat like ipv6 which offers virtually unlimited no. of user identities. Sure maybe bank abc has some added encryption and bank xyz uses a better reader at its atm’s but if its that simple…….

  16. razta 24 July 2008 at 3:53 pm Permalink

    @Navin
    I think they are unique. 16 digit number, that means theres.

    9,999,999,999,999,999 combinations

    7,000,000,000,000 people globaly by 2012

    Thats aproximatly 1429 different combinations per person.

    Im guestinmating that at present not even a quarter of the global populaton even have credit cards. I dont, and I live in the UK. So the actual number of different combinations per person will be much higher.

  17. daemoch 24 July 2008 at 5:33 pm Permalink

    Navin-
    I’m totally serious. That’s the scary part. But you do have it right to a point; there ARE “encrypted” cards, but as this thread, and indeed this whole site points out, how good is encryption? And some cards do use longer strings than others. Also realize that some cards use static numbers, and others are changeable, aka flashable.

  18. grav 25 July 2008 at 2:01 am Permalink

    @ daemch

    you’re welcome

    some other links…

    http://www.elitehackers.info/ (really good articles)
    http://www.darkmindz.com/
    http://www.hellboundhackers.org/

    as for learning…
    any good scripting language to start with?
    Javascript and HTTP I guess…

    suggestions?

  19. daemoch 25 July 2008 at 7:17 pm Permalink

    @ grav

    thanks for those. it’ll give me something to do at work, lol.

    as far as languages, I don’t know any, so I can’t weigh in on any. the last time I wrote code, it was on a commador 64. some how I doubt that that is relevant anymore…

  20. Navin 26 July 2008 at 7:41 am Permalink

    @ daemoch
    Thanks for your prompt replies!! :)
    I’ve got anther question…… when U say tht card numbers are changable/flashable, do U mean tht the consumer can change the numbers or that the numbers get changed when the user inserts his card into the machine….or something else?? I’m really interested in knowing about how atm’s work (Imean the actual process of confirming the identity of the card holder….which most banks claim is un-clonable)

  21. zupakomputer 26 July 2008 at 6:03 pm Permalink

    C64 code and any others from those eras (eg – like BASIC) are still relevant in the sense that the structure is similar. I’m guessing you’d have used procedural languages on the C64; javascript is object oriented, and, perl say, is both those and some other things too. It refers to the type of instructions you can issue and how they are carried out, the sort of ‘syntax’ they use.

    Magnetic cards are very easy to read, and clone. Meaning scanners and writers can be bought – so you would nowadays also mostly need the 4-digit pin, and that’s all to be able to use it in an ATM or a shop. There is a lot of credit card fraud that’s possible simply because checks aren’t made though – you give the details on the card over the phone, and that’s enough for some places, they’ll ship to whatever address even if it doesn’t match with the cards records. In those kinds of cases you wouldn’t even need to have the card or a copy – just the details. Other times people steal the details, then use them to make duped cards – if they know what banks or wherever issued the card then there’s standard ways the cards have been encoded / written to.

    However, tis also a fact that the economy has virtually nothing real backing it up anymore (especially here in the UK as all the gold reserves were sold off), and most of it’s a sham fueled by mass acceptance of HP (not the computer co., ‘hire purchase’). They don’t really own it, they never really got paid to make it or ship it, and the profits and loss are all on paper only.

    Live in debt, die in debt. There’s about 5 small countries in the world that don’t owe all their assets to a bunch of other countries.

    btw there was / is a similar flaw with the chequing system. First you are meant to present a cheque guarantee card alongside a cheque – hardly anyone ever used that verification. Next whoever received the cheque is meant to hole-punch the back of your cheque book (to verify what day what amount was paid). Nobody did that much either. So in practice that meant that a fake book/bunch of cheques could be used multiple times a day quite easily.

  22. daemoch 28 July 2008 at 7:33 pm Permalink

    @ Navin-

    I can only take a few educated guesses at what goes into ATM cards “security” as I only built systems that (I would hope) would not require the level of security that an ATM machine type system uses. My experience wasn’t in BUILDING the cards, so much as USING them.

    What I DO know, is that we use the same readers (both hardware and software) to read the ATM/Credit cards AND Employee ID cards, Parking Passes/ Meter cards, Door Key cards, etc. and that the numbers NEVER change. Like blank CDs, only certain media types will support a re-write. I’ve never run across a reprogrammable ATM/Credit card, but i have seen much more expensive media cards that claimed to be re-writable. Also, the numeric strings are indistinguishable from each other. The reason for the similarity in strings, is because most software is only written to handle a very narrow band of variables. In point of fact, if you have a business that wants to run Discover (it may have been American Express; its been about 4-5 years) cards, you HAVE TO TELL US AHEAD OF TIME because discover uses 3 extra digits at the end of their number sets and we have to tell the program (or reprogram the program in some cheaper/older systems) to allow for the extra, or lack of extra numbers. Otherwise the system errors out as a mis-read.

    As far as flashable cards, those cheap paper cards you get at say parking garages are essentially the same as ATM/Credit cards, but in a lot of cases are blanks that get flashed with anything from a time/day number setup to a serial number. in the time/day flash, the reader just reads the number, compares it to the current values, and calculates the amount. in the serial system, everything is networked, and the serial number corresponds to an entry in a data base type system. anything can be tied to it. simple time/date values all the way to a video footage file to a passing weight value. it all depends on what the client wants, and what they are willing to spend.

    It occurs to me as i reread your question that a system that constantly rotates a cards ID would be great for security. a new pre-determined ID would make it almost impossible for the same card number to be used more than once in a given time period. If a system assigned a new number to a card at the end of every transaction, reusing an old number would be pointless. and the system could track the number, and its changes across the system. besides a lot of new encoding though, a change like that would use up a lot of bandwidth, and require up to date posting, which if you follow the money trail, the industry likes the delay in purchase time vs posting time. its good for over-draft fees among other things.

    I hope that helped a little. I’m trying to answer your question between jobs at work, so my train of thought is really broken up, sorry.

    @ Zupakumputer

    Yah, I used BASIC, and It certainly was! :)

  23. Navin 29 July 2008 at 11:09 am Permalink

    Thank you so much daemoch, Right now I’m giving you a standing ovation, I swear it!!

    You’ve literally answered everything I’ve wanted to know, and even stuff that I’d thought about but forgotten to mention in the last comment!!

    Thanks a million mate!!

  24. daemoch 29 July 2008 at 6:17 pm Permalink

    just cuase im a curious bast**d, i took a look at what some of the manufacturers are offering currently, and i found that there seems to be 3 major communication/encryption systems used currently. I also noticed that one site mentioned that it could run 3 parallel data strings in one magnetic stripe (like 3 tracks on a DVD or CD squeezed into the normal width of a single track). one manufacturer offered an “extended” string capability for custom configurations of up to 84 bits. and not surprisingly, ALL manufacturers offer both single-write AND re-writable cards now. In fact, they seem to be pushing the re-writable over the single-write.

    makes me wish i had a reader/writer now so i could play with my ATM card… I wonder if it’s re-writable?

  25. daemoch 29 July 2008 at 6:30 pm Permalink

    @ Navin

    think about it…. even if EVERY card out there was IDENTICLE, the banks would HAVE TO tell us they were “uncloneable” or the public would never use them.

    if you asked me if i locked my house, id say yes. if you check the door, you’d find I’d lied. you’d also find my 150 lb. dog. of course, the banks call their dogs “lawyers”, but the effect is the same…

  26. Navin 30 July 2008 at 2:16 pm Permalink

    ah….the Global Monetary Mafia…..it all leads to them don’t it? But then, if cards are somehow identical, how come there hasn’t been enough publicity about these cloning techniques? I mean, I do understand that 90% of people would rather listen to someone like Barclays or American Express saying tht the cards are safe than some so called independent security researcher from Sweden, but even then the other *logical* 10% should have publicized this. until your comments I always thought that using ATM cards were more or less fail-proof!!

  27. daemoch 31 July 2008 at 11:43 pm Permalink

    @ Navin

    don’t get me wrong, I’m NOT a conspiracy theorist. and I’m not saying ATM cards aren’t REASONABLY secure. heck, i wasn’t even saying that they all in reality share the same numbers, it was intentionally ridiculous, but i used it to make my point: If the public wont buy the concept, no matter how good or bad, the concept fails. public confidence is all that keeps most monetary systems running. period.

    essentially, as long as we all have some form of random ID (ATMs use a user defined “PIN”), it’s reasonably hard to “break into” an account. if your that desperate for cash, spam off some key loggers in a retirement community and just log everyone’s activities. I’ve done that to catch old room mates farting around on my comps.

    Ill give you another scare:

    every cash register system I/ we built had a master key code programed into it; a backdoor if you will. our standard codes were 6-12 characters long. the master code was 42 characters. in order to enter it, you had to have a card or key with the full code in it, as manual entry only allowed for the required 6-12 before erroring. the scary part is the fact that with the master code, we could change anything in the system, even the sales data AFTER a sale had been authorized! we could funnel funds, skim pennies, re-route whole transactions, all behind the “administrators” view. like changing bios info in a computer: the OS admin wont see it, but it’ll sure change how stuff works…. ever see the superman movie from the 80s with richard pryer? yah, like that.

    we did it once by accident. it took almost a month to track down and fix, AND WE WERE THE ONES THAT DID IT! lol turns out a used system we resold hadn’t been wiped as well as it should of been, and the flash card still had the previous owners account info in it, basically a routing table. so it would dump the left over fractions and balances after a closeout into what we originally thought was a holding file, and later that night, mysteriously send them off to a completely un-affiliated account. we got it all worked out in the end, but in one month it siphoned off almost 30 thousand US dollars.

    what fun that week was. good thing i had nothing to do with that particular install…