SAN FRANCISCO – The sudden death of prominent hacker Barnaby Jack was due to an accidental overdose of heroin, cocaine and other drugs, a coroner’s report said Friday.

The New Zealand-born Jack, 36, a software wizard famous for remotely hacking ATMs and medical devices, was found dead in his bed by his girlfriend in July.

An autopsy found “no visible or palpable evidence of trauma” on the body. There was “blood inside the nostrils” and “sparse white foam inside the mouth,” the report from the San Francisco Medical Examiner’s office said.

A toxicology screen found evidence of “acute mixed drug … intoxication” from heroin, cocaine, the antihistamine diphenhydramine and Xanax, which combined to cause Jack’s death, the medical examiner said.

The New Zealand native and San Francisco resident worked as a software security researcher at IOActive Labs.

An admired member of the hacker community, Jack said in an IOActive blog post months before his death he had been spending the majority of his time researching vulnerabilities in new model wireless pacemakers and Implantable Cardioverter Defibrillators (ICDs).

Three years earlier, Jack demonstrated his “ATM jackpotting” discovery for an overflow crowd of hackers during a presentation at the infamous DefCon hacker gathering held on the heels of Black Hat annually in Las Vegas.

Jack found a way to access ATMs remotely using the Internet. Once in the machines, he could command them to spit out cash or transfer funds.

He didn’t reveal specifics of the attack to hackers even though the ATM makers were told of the flaw and have bolstered machine defenses.

He was admired by his fellow hackers, who took to Twitter last year after his sudden death to pay tribute.

“Lost but never forgotten our beloved pirate, Barnaby Jack has passed,” IOActive said in a message at the company’s Twitter account. “He was a master hacker and dear friend. Here’s to you Barnes!”

Related Reading: Barnaby Jack (1977-2013): Farewell to a Daring Wunderkind

Related Video: Barnaby Jack Demonstrates ATM Hacking at Black Hat

Related Reading: Barnaby Jack Leaves McAfee to Return To IOActive

Tags:

• NEWS & INDUSTRY
• Black Hat

Apple has added its name to the list of companies denying they have ever cooperated with the National Security Agency to create backdoors in any of its products.

The statement followed news of a NSA document leaked by German news magazine Der Spiegel that included a description of a program targeting Apple iPhones called DROPOUTJEEP. The document, which is dated 2008, mentions the program as being under development with the goal of making it possible “to remotely download or upload files to a mobile phone.”

“It would also, according to the catalog, allow the NSA to divert text messages, browse the user’s address book, intercept voicemails, activate the phone’s microphone and camera at will, determine the current cell site and the user’s current location,” Der Spiegel reported.

The initial release was said to be focused on installing the program through physical access, though developers would be working to include a remote access capability in the future.

Security researcher Jacob Applebaum – who co-authored an article in Der Spiegel on the issue – stated at the Chaos Communication Congress Dec. 30 that the NSA’s boast about having a 100 percent success rate in compromising devices suggests that Apple may have cooperated with the agency.

In response, Apple issued a statement to media outlets that it has never worked with the NSA to develop a backdoor for any of its products, and is unaware of NSA programs to do so.

“Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements,” according to the statement. “Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers.  We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”

The same NSA document also made mention to tools for compromising products from vendors such as Cisco Systems, Juniper Networks and Dell. Those companies have denied any knowledge or involvement in NSA activities as well.

Tags:

• Cyberwarfare
• NEWS & INDUSTRY