Even John Deere tractors aren't safe from jailbreaking and hacker attacks

Representational image of a cybercriminal
Image Credit: Pixabay (Image credit: Pixabay)

The electronics of John Deere tractors can be hacked, and what better way to demonstrate this than to have them run a corn-themed version of Doom on the display. 

An Australian hacker going by the name Sick Codes has shown off their work, which has motives dating back more than a year.

Last year, during DEF CON 29, Sick Codes said he wanted to explore vulnerabilities in agricultural equipment, as no one else was doing it at the time. While he did manage to force the company into fixing a few issues, the way John Deere approached the situation was to essentially block people from customizing their gear or fixing their own issues.

Anti-right-to-repair

Sick Codes saw this as “anti-right-to-repair”, which didn’t sit well with him. 

So, this year, during the same conference - DEF CON 30 - he demonstrated what is essentially a jailbreak, showcasing how people could bypass John Deere’s blocks and still end up customizing and improving their gear. 

Sick Codes says he used a John Deere tractor 4240 touchscreen controller with an Arm-compatible NXP I.MX 6 system-on-chip, running Wind River Linux 8. Some devices were running Windows CE, as well. The project took a couple of months, and involved physically modifying the equipment, to have it run the code. If a person is capable of getting new software onto the endpoints, they’d be able to run it freely. 

"The main bug is that nothing's encrypted or checksummed properly or anything like that," the researcher explained, further stating that patching the weakness isn’t exactly simple. Instead, the company should build new devices with proper security baked in, he says. 

All the firmware's code runs as root, he concluded.

TechRadar Pro has sked John Deere for a comment and will if we hear back. 

Via: The Register

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Subaru Starlink
Hackers expose serious Subaru security flaws that allow them to remotely start cars
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Apple users facing new security risks after critical USB component hacked
Avast cybersecurity
Hackers are hijacking government software to access sensitive servers
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Hardware supply chain threats can undermine your endpoint infrastructure
Eight Sleep Pod bed
Company that reportedly supplied DOGE and Elon Musk with sleeping solutions found to have huge vulnerability in its...beds??
An image of network security icons for a network encircling a digital blue earth.
Why effective cybersecurity is a team effort
Latest in Security
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
A digital representation of blockchain.
Malicious npm packages use devious backdoors to target users
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
Latest in News
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app announced, available today on iOS and Android devices – and here's what it does
Nintendo Virtual Game Card
Nintendo reveals the new Virtual Game Card feature, an easier way to manage your digital Switch games
Nintendo Switch 2
The Nintendo Switch 2 pre-order date has seemingly been confirmed by Best Buy Canada – here's when you'll be able to order yours
Person printing
Microsoft’s latest Windows 11 update exorcises possessed printers that spewed out pages of random characters
Pro-Ject A1.2 in black, playing a vinyl record in a hi-fi listening room
Pro-Ject's new fully-automatic turntable could be the buy of Record Store Day 2025
Intergalactic: The Heretic Prophet
Intergalactic: The Heretic Prophet reportedly won't release until after 2026, as Neil Druckmann says that staff 'are playing it at the office' right now - but I don't think I can wait that long