Tablets kill the laptop

Hackers develop Android app that can kill people

Michael Mercenary

An Android app can be used to control insulin pumps and induce them to give a lethal dose.

EnlargeMedtronic insulin pumps can be worn on the body.

Almost two years ago, researchers Billy Rios and Jonathan Butts discovered a serious security flaw in Medtronic's MiniMed and MiniMed Paradigm insulin pumps. As a result, attackers could have prevented patients from receiving insulin or administered a lethal dose to them. Since no effective solution for the security problem has been found to date, the researchers now take a drastic measure: They developed an Android app that can kill people.

This is a universal remote control for the insulin pumps from Medtronic that are in use around the world. This is intended to force the manufacturer to do something about the weak point in its medical devices. The attacks are made possible by certain radio frequencies, the remote control and the insulin pump communicate with each other. This communication is not encrypted and can be manipulated by attackers. The serial number of the device is actually required for this, the researchers' app tries out all possible combinations as a way out and can thus control all MiniMed pumps in the area. Although the administration of insulin is always announced by a signal tone, the user then only has a few seconds to recognize a potentially fatal dose.

Medical implants target hackers