Hotel burglars suspected of exploiting lock security bug

Hotel door lock Hotels are using thick glue to stop hackers getting at vulnerable door locks

Related Stories

Burglars seem to be exploiting a bug in widely used electronic door locks to steal from hotels.

The bug was first publicised at a hacker conference in July, showing how a simple electronic device could unlock doors in seconds.

A series of thefts from hotels in Texas is being traced to a burglar who unlocked doors with the same technique.

Insurance firms said they expected to be "hit hard" as knowledge of the hack spread among professional thieves.

Glue fix

Independent security researcher Cody Brocious detailed the technique for defeating locks used to secure more than four million doors, at the Black Hat hacker conference in July.

Since his discovery, the technique has been refined by other security researchers, with one squeezing all the electronics to unlock a door into the body of a marker pen.

Forbes reports that burglaries of a few rooms at the Houston Hyatt and three other unnamed hotels in Texas have been traced to thieves exploiting the loophole Mr Brocious discovered.

A letter from the Hyatt to one of the victims revealed that the locks had been picked with a "digital tool".

Mr Brocious' technique involved inserting a digital probe into a small hole on the door lock mechanism that lets an attacker discover the combination for the lock and open it.

A man has been arrested and charged over the burglaries at the Hyatt hotel, but no suspect is in custody for the other thefts.

The Hyatt Houston said it had taken steps to harden doors against attack by filling the tiny hole with thick glue.

Before now Onity, which makes the locks attacked by Mr Brocious, said it was working with customers around the world to remove or replace locks vulnerable to attack. Onity has not released any statement about the latest attacks.

Insurance brokers interviewed by Forbes said they expected knowledge of the vulnerability to spread quickly even though many users of Onity locks have replaced or fixed their locks.

"We're going to get hit hard over the next year," Todd Seiders, a spokesman for Petra Risk Solutions, told Forbes.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

BBC Future

(Jeff Turner/Flickr/CC BY 2.0)

Is tech transforming language?

The truth about online communication Read more...

Programmes

  • Suspension bridge connecting mountain peaksThe Travel Show Watch

    Must-see global events including walking the first suspension bridge to connect mountain peaks

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.