Zwift hackers expose next generation of cycling doping
Cyber security experts proved they can hack into Zwift and boost their performance on the indoor cycling gaming platform.
The hack works by intercepting and manipulating data sent between smart trainers and Zwift.
It underscores the need to tighten security in e-racing, a growing field with UCI-sanctioned events and Olympic ambitions.
By his own admission, cyber security consultant Brad Dixon is a bit of a cycling hack. He rides his bike for fitness and recreation, but he’s better at cracking computer codes than cranking out pro-level wattage on two wheels.
Dixon’s lack of high-end fitness might keep him off the podium IRL, but his ability to game virtual reality could help him rise through the ranks in the ever-growing arena of e-sports, where cyclists compete, often for actual cash and real-world prizes, on stationary trainers via platforms like Zwift.
Last month, Dixon gave a 40-minute presentation at DEF CON, a popular computer security conference, called Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks. He detailed how, with some standard hardware and an Xbox controller, he tricked the system into thinking he was humming around Watopia at race pace while doing nothing more strenuous than cracking open a beer.
“The game limits you to 2,000 watts of power, but for a recreational rider like me, that’s infinity,” said Dixon, who works at the New York-based consulting firm Carve Systems. “I can easily cruise around at 30-40 mph in the game at those watts, if not more.”
Such high speeds might immediately cause suspicion among anyone getting their Zwift kit blown off by a pixelated competitor. But smaller boosts, like a 5-10 watt gain here or there—enough to beat someone up a climb or to the line for a sprint—would be far less noticeable.
In the end, these numbers are all that determine how quickly your little cartoon cyclist pedals around the island. And numbers are exactly what gave Carve Systems CEO Mike Zusman, a former Cat 1 mountain bike racer, the notion for this particular hack.
from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/2UZ7eX5