Hotel Keycard Lock Hack Gets Real In Texas 132
Sparrowvsrevolution writes "You may remember a vulnerability in four million keycard locks presented at the Black Hat conference in July. Hacker Cody Brocious showed he could insert a device he built for less than $50 into the port at the bottom of the common hotel lock, read a key out of its memory, and open it in seconds. Two months later, it turns out at least one burglar was already making use of that technique to rob a series of hotel rooms in Texas. The Hyatt House Galleria in Houston has revealed that in at least three September cases of theft from its rooms, the thief used that Onity vulnerability to effortlessly open rooms and steal valuables like laptops. Petra Risk Solutions, an insurance firm focus the hospitality industry also reports that at least two other hotels in Texas were hit with the attack. Onity has been criticized for its less-than-stellar response to a glaring vulnerability in its devices. The Hyatt says Onity didn't provide a fix until after its break-ins, forcing the hotel to plug its locks' ports with epoxy. And even now, Onity is asking its hotel customers to pay for the full fix, which involves replacing the locks' circuit boards."
Took them two months?! (Score:5, Interesting)
Surprised it took thieves two months before starting to use this exploit. Even more surprising that the summary says "already".
The exploit was very well documented, and rather simple to copy. It took mere days for YouTube videos showing off the same hack to appear.
It is more likely that other hotels were hit with the issue already, but didn't disclose it to the public for fear of attracting more thieves to their hotels, and/or for the bad publicity and the risk of guests staying away from their insecure rooms.
Re:And a normal locksmith will also charge (Score:3, Interesting)
Not so easy to copy?
A cheap card encoder can be had for under $100.
Re:And a normal locksmith will also charge (Score:5, Interesting)
Cards have a built-in expiry date; usually the date you're supposed to leave the hotel. When extending your stay, they will update your card. So while you may be able to copy them, it's not exactly useful.
Re:And a normal locksmith will also charge (Score:4, Interesting)
AC's reply deserves your attention - as it's the same thing I was thinking.
Not to mention - I have a huge pile of keys. I have keys that I haven't thrown away since my Navy days, more than thirty years ago. I just don't throw keys away, no matter how "useless" they might seem.
From time to time, I need to open a lock. I examine the lock, think a bit, poke through my big pile of keys, and usually come up with a match. There are three keys that I carry on my key chain that don't fit anything - specific. They just seem to fit a lot of things that need to be opened. There are, after all, only so many combinations that can be cut into a blank key.
I'll admit, though, that I have few keys that are likely to fit motel room doors.
Hotel in room safes are not much better (Score:5, Interesting)
I was in a hotel with an in room safe. My kid closed the door and managed to lock it so I called maintenance. The guy came up and hit the # key twice to enter supervisor mode then keyed in 6 9's. Here is a video I shot after he left. I'm pretty sure they don't have an override maintenance code for each room. You could try a few standard combos on your room to figure it out for the hotel. Or just get maintenance up to your room to show you it.
https://www.youtube.com/watch?v=UYjJuE7l7VM [youtube.com]