Keurig K-Cup 2.0 Spoofing Hack

This hack allows the user to brew any coffee pod not just the ones with the Keurig branding on them. Evidently, if someone tries to brew coffee other than a K-Cup coffee pod, they will get the error message, "Oops, this pack was not designed for this brewer ...", well that's just not cool.  So, there is a camera in the 2.0 model that scans for a specific label before running water through the pod.  If you want to use a different brand, it is actually pretty simple to get around the camera thing.

Steps to completing the hack:

Step 1: Attacker uses a genuine K-Cup in the Keurig machine to brew coffee or hot chocolate.
Step 2: After brewing is complete, attacker removes the genuine K-Cup from the Keurig and uses a knife or scissors to carefully remove the full foil lid from the K-Cup, ensuring to keep the full edges intact. Attacker keeps this for use in the attack.
Step 3: Attacker inserts a non-genuine K-Cup in the Keurig, and closes the lid. Attacker should receive an "oops" error message stating that the K-Cup is not genuine.
Step 4: Attacker opens the Keurig, leaving the non-genuine K-Cup in the Keurig, and carefully places the previously saved genuine K-Cup lid on top of the non-genuine K-Cup, lining up the puncture hole to keep the lid in place.
Step 5: Attacker closes the Keurig, and is able to brew coffee using the non-genuine K-Cup.
Since no fix is currently available, owners of Keurig 2.0 systems may wish to take additional steps to secure the device, such as keeping the device in a locked cabinet, or using a cable lock to prevent the device from being plugged in when not being used by an authorized user.
So, come on guys, really?!? If you want to stop people from using pods other than your own. Try doing something like barcode or RF scanner or something better than a camera looking for a little photo.

Comments

Popular posts from this blog

Emby Media Server | Arch Linux

Installing Arch Linux & Gnome 3 Desktop