Hacker cracks 4 million hotel locks with 'James Bond Dry Erase Marker'
Posted by Jill Fallon at October 9, 2012 5:38 PM | Permalink
This new hacker invention may look like a harmless dry erase marker, but in truth it's the ultimate electronic lock pick. In a post titled 'James Bond's Dry Erase Marker,' hotel hacker Matthew Jakubowski demonstrates how anyone can build this pocket-sized device which will open the lock on an estimated 4 million hotel rooms.
'I guess we wanted to show that this sort of attack can happen with a very small concealable device,' says Matthew Jakubowski, a security researcher with Trustwave, told Forbes. 'Someone using this could be searched and even then it wouldn't be obvious that this isn't just a pen.'
--
The lock has a small port on its bottom designed for hotels to set master keys. Hacker Cody Brocious discovered you could read the lock's memory through this port, including a decryption key.
--
The device exploits a vulnerability in Onity locks, a cheap lock used on millions of hotel room doors. Onity's site boasts their locks are used in 22,000 hotel worldwide.
__
Security experts believe the expense has likely left a huge percentage of hotel rooms with the easily cracked model.