I’d wager just about everyone has stayed in a hotel that uses the key card locks where you slide a little card into the door to release the locking mechanism. One hotel called the Hyatt in the Houston Galleria district that uses these locks had a rash of break-ins in September. The most puzzling aspect of the break-ins was that the locks weren’t picked, the doors weren’t forced open, and a key wasn’t used to unlock the doors.
During the investigation, hotel staff learned that an enterprising thief was using technology to hack the key car door locks, tricking the doors into opening with ease. The hotel staff came to this conclusion when a device capable of reading the memory on the key card lock determined that none of the hotel staff keys had accessed the lock on one of the violated rooms. In fact, the device showed no key had been used during the theft.
The thief who was behind the string of hotel room break-ins in Houston was believed to be taking advantage of a previously theoretical intrusion technique that security researchers have warned about months before. Even more troubling is that hordes of hotel rooms around the world are still vulnerable to this exact same attack. The vulnerable locks come from a company called Onity and are estimated to be in use on 4 million hotel rooms around the world.
The flaw that investigators believed to have been exploited was demonstrated by a software developer for Mozilla at the Black Hat hacker conference last July named Cody Brocious. Brocious showed that he was able to trick the lock into opening using a portable programmer device designed to be used for designating master keys and opening locks when the batteries had died. The device Brocious used was small and cost less than $50 to build. Also worth noting is that lock maker Onity isn’t paying to fix the flaw in the 4 million locks estimated to be in use, and is asking hotels to pay for the fix. That could mean many locks remain vulnerable as hotels refuse to pay.