Every August, Las Vegas hosts the notorious "hacker summer camp," comprising the Black Hat and Defcon hacker conferences. Amid this gathering, a select group of security researchers was invited to hack a Vegas hotel room, uncovering vulnerabilities in its technology.
Ian Carroll, Lennert Wouters, and their team have revealed a technique named Unsaflok, which exploits security flaws in Saflok-brand RFID-based keycard locks by Dormakaba. These locks, installed on 3 million doors worldwide, are susceptible to a method that allows intruders to open any room with just two taps on a specially crafted keycard.
The researchers discovered weaknesses in Dormakaba's encryption and the MIFARE Classic RFID system, which Saflok keycards use. By reverse-engineering Dormakaba's front desk software, they were able to create a master key that can open any room on a property.
Although Dormakaba is working on a fix, only 36 percent of installed Safloks have been updated so far. Rolling out the full fix may take months to years. The researchers stress the importance of hotel guests knowing the risks and suggest using the NFC Taginfo app to check if their keycard is still vulnerable.
While there have been no known exploits of Unsaflok, the researchers believe the vulnerability has existed for a long time. They urge caution, advising guests to avoid leaving valuables in their rooms and to use the deadbolt as an additional safety measure.
The discovery underscores the importance of security in hospitality technology and serves as a reminder for businesses to prioritize the security of their systems.