A group of young Australian security researchers has managed to chip cards of a transportation company to crack. The company made use of a private cryptovariant, but this turned out to be heavily out of date and was within a week to crack.
The four security researchers, who TrainHack call it, have their findings made public during a presentation at a security conference in Melbourne, reports SC Magazine. TrainHack had a presentation on reverse engineering a mass transit ticketing system called. According to the four proved to be the applied cryptography of tickets from an unnamed openbaarvervoerbedrijf outdated, though the company is a private variant had applied.
As with the hacking of the Dutch ov-chipkaart, the investigators had enough to freely available and cheap hardware, including some card readers. In total, the four a week have had to the dated encryption on the cards to crack, which makes it possible to free travel with the respective carrier.
According to the researchers, it is for the relevant public transport company probably cheaper to get a new card in than to the existing hardware to be replaced. The carrier wanted to not say how much any go through would cost.