A known hack of a popular hotel keycard reader was allegedly employed in the burglary of a woman's hotel room in Texas.
The hack, which was detailed at a security conference in July, was allegedly used in September to break in to the Houston Hyatt hotel room of Janet Wolf, a Dell IT services consultant, who reported the theft of her laptop. Lacking any sign the lock had been picked, suspicion immediately fell upon the maid service. However, a hotel management soon determined that none of the maids' keys had been used to open the room at the time of the theft.
A couple of days later, according to Forbes, Wolf learned from the hotel's management that her room had been accessed via a digital tool that sprang the door's lock. Houston police have arrested Matthew Allen Cook, 27, in connection with the theft, as well as others at the hotel. Cook, who reportedly has a history of arrests for burglary and theft, was linked to the burglary through a local pawn shop that received a laptop stolen from one of the hotel rooms.
White Lodging -- the franchisee that manages the Houston Hyatt -- told Forbes that it believes the door were opened using a device that took advantage of a vulnerability in keycard door locks made by Onity -- locks that are used in more than 4 million hotel rooms around the world. The vulnerability was detailed at the Black Hat security conference by Cody Brocious, who demonstrated how he was able to open hotel doors with a gadget he built with materials costing less than $50.
Brocious' device spoofed a portable programming device used to control door locks. In a demonstration, the 24-year-old Mozilla developer and security researcher showed how a plug inserted into a DC port on the underside of the lock could spring the hotel door lock. The vulnerability occurs because the exposed port allows any device to read the lock's memory, where a string of data is stored that will trigger its "open" mechanism.
White Lodging told Forbes that Onity implemented a fix only after the September break-ins, and told guests that it had resorted to applying an "epoxy putty" at the bottom of the locks to block access to the port.
CNET has contacted Onity for comment and will update this report when we learn more.
Known keycard hack suspected in hotel room burglary
This article
Known keycard hack suspected in hotel room burglary
can be opened in url
http://newspolyiodide.blogspot.com/2012/11/known-keycard-hack-suspected-in-hotel.html
Known keycard hack suspected in hotel room burglary
