1,200 undergrads hung out to dry after jailbreak attack on laundry machines
(2025/09/12)
- Reference: 1757687409
- News link: https://www.theregister.co.uk/2025/09/12/jailbroken_laundry_machines/
- Source link:
More than a thousand university students in the Netherlands must continue to travel to wash their clothes after their building management company failed to bring its borked smart laundry machines back online.
The Spinozacampus laundry room, which caters to around 1,250 University of Amsterdam students, has remained closed since July after an unknown attacker tampered with all five machines' digital payment system, allowing residents to wash their clothes for free.
The attack has still not been resolved. Management company Duwo kept the room open, allowing students to capitalize on the free washing services, for a few weeks, but now says it refuses to foot the bill.
[1]
The Register asked Duwo for more information, but we're told its spokesperson is taking a long weekend, so all we have to go on is a brief statement given to Dutch site [2]Folia , which first reported the news.
[3]
[4]
"Because we purchase the machines ourselves, we need the income to be able to continue offering laundry services to our residents at affordable prices," a Duwo spokesperson said.
Spinozacampus's ten analog laundry machines are available to residents. However, students reported frequent outages, leaving only one working machine at a time, so they often have to haul their dirty undies to and from the facilities on nearby Darlingstraat.
[5]
Students told Folia that they fear lice infestation in the building as a result of the laundry room closure.
The Register contacted the University of Amsterdam to understand what support it has offered students during this time, but it simply referred us back to Duwo.
[6]Hack to school: Parents told to keep their little script kiddies in line
[7]Anti-DDoS outfit walloped by record packet flood
[8]Critical Wazuh bug exploited in growing Mirai botnet infection
[9]Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser
So-called "smart" devices, or Internet of Things (IoT) gadgets, are often targets for attackers, although usually for the purposes of building robust botnets, rather than helping cash-strapped youths save a few euros on basic needs.
Attacks on laundry machines are even rarer. Occasionally, we'll report on stories such as the infamous [10]Swiss DDoS-ing smart toothbrush botnet – which (shock!) turned out to be bogus – or [11]bugs in internet-connected TVs , but rarely do we see substantial real-world impacts of these things.
Alas, attacks on IoT devices are on the rise, if security vendor reports are to be believed. As of 2022, SonicWall [12]said IoT attacks rose 92 percent amid a declining ransomware scene, which turned out to be short-lived.
[13]
More recent figures from the vendor's [14]annual report showed an upward trend, with an increase of 124 percent in 2024 compared to the previous year, although the primary targets under the broad "IoT" umbrella are cameras, specifically those deployed in critical sectors. ®
Get our [15]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://www.folia.nl/en/actueel/167893/washing-machines-at-spinoza-campus-hacked-duwo-refuses-to-pay-for-costs
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2025/09/12/students_school_cyberattacks/
[7] https://www.theregister.com/2025/09/11/fastnetmon_ddos_attack/
[8] https://www.theregister.com/2025/06/10/critical_wazuh_bug_exploited_in/
[9] https://www.theregister.com/2025/06/10/40000_iot_cameras_exposed/
[10] https://www.theregister.com/2024/02/09/a_look_at_fortinet_week/
[11] https://www.theregister.com/2024/04/09/lg_tv_critical_bugs/
[12] https://www.theregister.com/2022/10/26/sonicwall_ransomware_raas/
[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[14] https://www.sonicwall.com/resources/white-papers/2025-sonicwall-cyber-threat-report
[15] https://whitepapers.theregister.com/
The Spinozacampus laundry room, which caters to around 1,250 University of Amsterdam students, has remained closed since July after an unknown attacker tampered with all five machines' digital payment system, allowing residents to wash their clothes for free.
The attack has still not been resolved. Management company Duwo kept the room open, allowing students to capitalize on the free washing services, for a few weeks, but now says it refuses to foot the bill.
[1]
The Register asked Duwo for more information, but we're told its spokesperson is taking a long weekend, so all we have to go on is a brief statement given to Dutch site [2]Folia , which first reported the news.
[3]
[4]
"Because we purchase the machines ourselves, we need the income to be able to continue offering laundry services to our residents at affordable prices," a Duwo spokesperson said.
Spinozacampus's ten analog laundry machines are available to residents. However, students reported frequent outages, leaving only one working machine at a time, so they often have to haul their dirty undies to and from the facilities on nearby Darlingstraat.
[5]
Students told Folia that they fear lice infestation in the building as a result of the laundry room closure.
The Register contacted the University of Amsterdam to understand what support it has offered students during this time, but it simply referred us back to Duwo.
[6]Hack to school: Parents told to keep their little script kiddies in line
[7]Anti-DDoS outfit walloped by record packet flood
[8]Critical Wazuh bug exploited in growing Mirai botnet infection
[9]Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser
So-called "smart" devices, or Internet of Things (IoT) gadgets, are often targets for attackers, although usually for the purposes of building robust botnets, rather than helping cash-strapped youths save a few euros on basic needs.
Attacks on laundry machines are even rarer. Occasionally, we'll report on stories such as the infamous [10]Swiss DDoS-ing smart toothbrush botnet – which (shock!) turned out to be bogus – or [11]bugs in internet-connected TVs , but rarely do we see substantial real-world impacts of these things.
Alas, attacks on IoT devices are on the rise, if security vendor reports are to be believed. As of 2022, SonicWall [12]said IoT attacks rose 92 percent amid a declining ransomware scene, which turned out to be short-lived.
[13]
More recent figures from the vendor's [14]annual report showed an upward trend, with an increase of 124 percent in 2024 compared to the previous year, although the primary targets under the broad "IoT" umbrella are cameras, specifically those deployed in critical sectors. ®
Get our [15]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://www.folia.nl/en/actueel/167893/washing-machines-at-spinoza-campus-hacked-duwo-refuses-to-pay-for-costs
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2025/09/12/students_school_cyberattacks/
[7] https://www.theregister.com/2025/09/11/fastnetmon_ddos_attack/
[8] https://www.theregister.com/2025/06/10/critical_wazuh_bug_exploited_in/
[9] https://www.theregister.com/2025/06/10/40000_iot_cameras_exposed/
[10] https://www.theregister.com/2024/02/09/a_look_at_fortinet_week/
[11] https://www.theregister.com/2024/04/09/lg_tv_critical_bugs/
[12] https://www.theregister.com/2022/10/26/sonicwall_ransomware_raas/
[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_offbeat/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aMRDlCJGWw6Y8Cnqz50_VQAAARM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[14] https://www.sonicwall.com/resources/white-papers/2025-sonicwall-cyber-threat-report
[15] https://whitepapers.theregister.com/
DancesWithPoultry
They should be taken to the cleaners and hung out to dry.
b0llchit
The stream had already dried because they had dug a hole and now they are coming clean.
The students must be getting shirty
alain williams
and hot under the collar and want to sock the management company or hit them with a legal suit.
Did the miscreants trouser any money ?
I'll get my coat.
Ian Johnston
Any attempt to implement digital payment systems in a university is simply asking for trouble. "Challenge accepted" say a few thousand bright students, simultaneously.
Laundry machines
Pascal Monett
For God's sake, can you stop trying to connect every bit of machinery to the fucking Internet ?
Allowing residents to wash their clothes for free.
Anonymous Coward
They clearly missed a money laundering opportunity.
Can't afford to offer it for free...
IGotOut
We payed for these ourselves! Think of the poor shareholders.
If it's like UK student accommodation it's an absolute fucking rip off.
One near where I used to live was close on a grand a month for a one room + shower room "studio'.
For the same price a few miles down the the road, I rented a two bed, one bathroom, one shower room, lounge and kitchen in a beautiful grade 2 listed building!
They got away with it
segfault188
It sounds like the miscreants made a clean escape.
Icon? A newly washed lab coat.
Ah, yes, they were taken to the cleaners and now the emperor has no clothes.
I wish all the students good luck in laundering efficiently to find the next hole in the IoT washing powder. You know, the holes in IoT will always be there while we usually fix our clothes.