Hackers Found A Way To Open Any Of 3 Million Hotel Keycard Locks In Seconds

The hacking technique exposes security vulnerabilities in certain models of Saflok-brand RFID-based key card locks that are used in 131 countries around the world.



Getty

Stock image of a key card lock

Hackers have discovered a technique that would allow intruders to unlock any of millions of hotel rooms around the world in mere seconds.

Ian Carroll and Lennert Wouters, along with a team of other security researchers, revealed a hotel key card hacking technique called Unsaflok, which relies on a series of security vulnerabilities that would allow a hacker to almost instantly unlock certain models of the Saflok brand of RFID-based key card locks sold by Swiss-based lock maker Dormakaba, according to Wired.

Saflok keycard systems are installed on approximately 3 million doors worldwide at 13,000 properties in 131 countries, per the outlet.

Carroll and Wouters’ technique starts with obtaining any key card from a target hotel, reading a certain code from that card using an RFID reader-writer device (easily purchased for $300), and then writing two key cards of their own. When they tap those two cards on a lock, the first one rewrites a piece of the lock’s data and the second card opens it, according to Wired.

“Two quick taps and we open the door,” Wouters, a researcher in the Computer Security and Industrial Cryptography group at Belgium’s KU Leuven University, told Wired. “And that works on every door in the hotel.”

He and Carroll, an independent security researcher and founder of the travel website Seats.aero, shared their hacking technique with Dormakaba in November 2022. For about a year now, the company has been working to make hotels that use Saflok aware of the system’s security flaws and help them repair or replace their locks.

For most Saflok systems sold in the past eight years, no hardware replacement is required for each individual lock, according to Wired. To solve the problem, hotels simply need to update or replace their front desk management system and bring in a technician to manually reprogram each door lock.

However, to date, little progress has been made in addressing the major security issue. Wouters and Carroll told Wired that Dormakaba informed them that only 36% of the installed Safloks have been updated, as of this month. Dormakaba also told the pair that the full fix will likely take months or longer, especially since the locks are not connected to the internet and some older locks require a hardware upgrade.

Dormakaba told PEOPLE in a statement that the company published detailed information about the security vulnerability on March 20.

“As soon as we were notified of the vulnerability by a group of external security researchers, we began a comprehensive investigation, prioritized the development and phased implementation of a mitigation solution, and worked to systematically communicate with customers,” the statement said.

“We are not aware of any reported cases of this issue being exploited to date,” the statement continued. “In accordance with the principles of responsible disclosure, we are collaborating with the researchers to provide a broader alert to highlight how the existing risks with legacy RFID technology are evolving, so that others can take precautionary measures.”

In the meantime, Wouters and Carroll say they hope to warn the public about the hacking technique.

“We’re trying to find a middle ground in terms of helping Dormakaba fix it quickly, but also telling the guests about Wired,” Carroll told Wired. become even more of a problem.”

They told the outlet that, in most cases, guests can identify the vulnerable locks by their distinctive design: a round RFID reader with a wavy line running through it. If a Saflok lock is on the door, guests can check whether the lock has been updated by scanning their keycard with NXP’s Taginfo NFC app. If the lock is made by Dormakaba, and the app shows that the keycard is still a MIFARE Classic card, it is probably still vulnerable to the technique.

In that case, Carroll and Wouters advise guests not to store valuables in their room and to use the door chain when inside. They noted to Wired that the deadbolt is also controlled by the keycard lock, so it won’t provide additional protection.

“If someone locks the deadbolt, they’re still not protected,” Carroll told the outlet.

Read the original article on People.
