This article was published on August 5, 2016

Hacker sneaks into airport lounges by generating fake QR codes on his phone


Hacker sneaks into airport lounges by generating fake QR codes on his phone

If you’ve ever had to wait hours for a delayed flight you’re fully aware of the difference between slumming it with hundreds of other frustrated travelers, or grabbing a nap, shower or just a nice drink from a first class lounge. Even if you’ve never experienced the latter, the difference should be clear — you always want to be in the lounge.

Przemek Jaroszewski, the head of Poland’s Computer Emergency Response Team (and a frequent flyer) wasn’t able to gain access to the lounge at Warsaw’s airport due to an error. Like any enterprising hacker, he went to work on a solution — a mobile QR code generator that produces a valid QR based on phony credentials he inputs.

Jaroszewski has since tested the creation multiple times at airports all around Europe, and each time it works without fail.

The trick works because most airport lounges don’t cross-check the information provided by the fake QR, instead they just confirm the flight number is real. This hack would potentially allow hackers with economy class tickets to sneak into first class lounges, if Jaroszewski planned to release it to the public.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Unfortunately, he has no intention of doing that.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with