A team of "ethical", i.e. good, hackers spent a year and a half testing the magnetic keys that are used to open common hotel doors.
Recently, the group published a report in which it claims to have identified a flaw that would allow it to unlock over 3 million doors in a few seconds.
Ian Carroll and Lennert Wouters lead the team that identified the issue, called "Unsaflok".
The name derives from the lock model produced by Saflok, installed in 13,000 hotels and homes in 131 countries around the world.
By exploiting the weaknesses of both the lock itself and the key card, Carroll and Wouters demonstrated how easily they can open a door.
The technique begins with obtaining any key card from a target hotel, such as booking a room.
The researchers then had the code "read" by a reading-writing device, purchased on the market for 300 dollars, and then duplicated the information on their own key, where previously no data had been present.
Using both cards, you can unlock the entrance, in about 3 seconds.
In November 2022 the experts reported their findings to lock manufacturer Dormakaba, which updated the devices, informing hotels of the threat, without making the matter public.
However, the researchers point out that the discovered vulnerabilities have existed for more than 36 years, with the possibility that they have already been exploited in the past.
In an interview with the Arstechnica website, the two state that the solution has been implemented on 36% of locks, with the possibility that months will pass before the total installations are secured.
Reproduction reserved © Copyright ANSA