July 31, 2017 by

$1500 Smart Gun Hacked with $15 Magnets

The world of IoT is quickly evolving and growing at an exponential rate, virtually making everything hackable. Hackers have now found a way to hack into a smart gun. A $1,500 smart gun designed with the purpose of preventing gun crimes and has the ability to be fired without its owner’s consent from a distant, was found to be hack-able by $15 magnets.

Ideally, a smart gun has security mechanisms in place which the concept of authentication behind it, the gun can only be fired if the owner proves his identity. German manufacturer, Armatix, created the Armatix IP1, the first smart gun in 2014. Claiming its security mechanisms will “usher in a new era of gun safety.” The gun is designed with a smart lock that should not fire, unless it is in range of a special Armatix watch that transmits a radio signal to unlock the gun. The radio signal opens a line of communication with the firing pin lock on the weapon and the watch; the pin is unlocked when it receives a security token from the watch. Ideally the radio signal between the devices should only range a up to 10 inches.

However, a hacker with the pseudo Plore, found several different ways to shoot the gun, going past the security measurements set in place.  Plore was able to extend the range of the radio signal, making it possible for anyone without the watch to shoot the gun. Also, he was able to prevent the owner of the gun from firing even if he was wearing the watch, by jamming the radio’s signals. Plore even figured out a way to deactivate the gun’s locking mechanism. He was able to attach some cheap magnets along the barrel of the gun, making it possible to fire the gun even when the watch is not nearby.  Plore even stated: “I didn’t think it would be so easy.” To extend the range of the gun, Plore built a pair of $20 radio relay devices. When the gun owner shoots the gun, a RFID signal is sent out, but by placing the devices near the watch the signal is intercepted and sent to another device as much as 12 feet away.  He also built a $20 transmitter device that sends out radio signals at about 900 megahertz frequencies, the same as the gun and the watch, overwhelming the communications and jamming the gun from 10-15 feet away.  Making it impossible for the gun owner to shoot the gun. Plore also developed a technique to disarm the gun using $15 magnets. By attaching the magnets next to the barrel of the gun, he was able to disarm the identity authentication mechanisms set in place. He was immediately able to fire the gun without the watch. Plore stated: 

“And that’s how I found out for $15 of materials you can defeat the security of this $1,500 smart gun.”

Unfortunately, all the added layers of security to the smart gun were pointless. The intended security measures in place did not do what they promised. Like Plore said, “the gun was so easily defeated, in so many ways, that it really failed to live up to its side of that bargain…Misplaced trust is worse than no trust at all.”

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Former Rutgers Student Pleads Guilty to Creating Mirai Botnet

A former Rutgers university student is among three men who pleaded guilty to creating the dreaded...

Read more arrow_forward

Hackers Invade Safety System of Critical Infrastructure Facility

Hackers, presumed to work for a nation-state, recently hacked a safety system belonging to a...

Read more arrow_forward

New Ransomware ‘Spider’ Threatens Wipeout in 96 Hours

A new strain of ransomware discovered by security researchers encrypts files and gives victims a...

Read more arrow_forward