Wednesday, November 28, 2012

Hotel room lock hack may have been used in Texas burglaries

Via Cousin Bill

Onity 

September brought a series of mysterious break-ins to the Hyatt House Galleria in Houston, Texas. In the latest, a 66-year-old woman's laptop was stolen from her room, and the lock's records showed that no key, be it the woman's, the maid's, or a duplicate, had been used.

Police told NBC News that they arrested Matthew Allen Cook on Oct. 31, after the stolen laptop showed up at a pawn shop and employees identified the suspect. But police said that they are leaving the issue of how he entered the rooms to the prosecution.

The strange circumstance of a locked door being opened without a key would be a mystery worthy of Sherlock Holmes, if not for one thing: The lock was one with a well-known security exploit made public by a hacker earlier this year.

The lock in question is from Onity, a major supplier of electronic and keycard locks for hotels like the Hyatt. Cody Brocious, a software engineer at Mozilla and hobbyist hacker, demonstrated a vulnerability in many of their locks in July, afterwards showing a refined technique onstage at the Black Hat hacker conference. Andy Greenberg at Forbes reports that the method used in the recent break-ins is more than suggestive of the hack.

More @ NBC

No comments:

Post a Comment