Kobil reader hacked
A hacker using the name Colibri has managed to bypass the reader's signature check by replacing the reader's boot loader with a specially crafted boot loader. Colibri informed Kobil about the problem and released a report on the hack, together with a Windows tool and firmware files for reproducing the issue. At the end of April, Kobil released security update 79.23 for the Kaan TriB@nk to close the hole(s). According to Kobil's Head of Product Management and Development, Markus Tak, the update is also designed to prevent attackers from arbitrarily updating memory blocks in the future.
Publicly available information about this problem remains sparse. The ZKA said that the vulnerability was not publicized because the issue affected a "limited group of customers", who were apparently informed directly by the vendor. The ZKA also said that the Geldkarte, HBCI and Secoder applications are not affected by the hole. The vulnerability raises questions about security certifications for systems and software: not only did the BSI approve the readers, but T-Systems also found in an independent test that the devices comply with the secure PIN entry requirements laid down in the German Signature Law and Signature Regulation.