Millions of hotel rooms remain vulnerable to a new hacking device disguised as a dry erase marker

Over four million hotel rooms across the world are now vulnerable to break-ins thanks to a new tool that hacks into the door cardkey lock when inserted into the bottom port. The tool appears to be nothing more than a dry erase marker, but remove the cap and you can clearly see this is no marker. Built by three hacker researchers, the tool exploits a vulnerability in the popular Onity locks and is able to read the lock’s memory when inserted.

This gives the device access to a decryption key which is used to open the door. Assembled in a little over eight hours and having a hardware budget of only $30, this home-built lock-pick represents one of the stealthiest techniques for hacking hotel cardkey locks seen so far.

Onity has released two different types of fixes for this. Option one required hotels to purchase new more secure hardware and make costly repairs to their affected locks while option two provided a free fix by inserting a locked plug into the door lock’s data port.

Original article by Andy Greenberg.
Read the full article here.