Hacker cracks 4 million hotel locks with 'James Bond Dry Erase Marker'



This new hacker invention may look like a harmless dry erase marker, but in truth it's the ultimate electronic lock pick.



In a post titled 'James Bond's Dry Erase Marker,' hotel hacker Matthew Jakubowski demonstrates how anyone can build this pocket-sized device which will open the lock on an estimated 4 million hotel rooms.

'I guess we wanted to show that this sort of attack can happen with a very small concealable device,' Matthew Jakubowski, a security researcher with Trustwave, told Forbes. 'Someone using this could be searched and even then it wouldn't be obvious that this isn't just a pen.'

Hacked: An electronic lockpick concealed in a dry erase marker could come in handy on James Bond's secret missions

The device exploits a vulnerability in Onity locks, a cheap lock used on millions of hotel room doors.

Onity's site boasts their locks are used in 22,000 hotels worldwide.

The lock has a small port on its bottom designed for hotels to set master keys.



Hacker Cody Brocious discovered you could read the lock's memory through this port, including a decryption key.

Brocious demonstrated a large, unwieldy device that could open a small percentage of locks this July at the Black Hat security conference.

Lockpick: The harmless looking device easily accesses millions of hotel locks

Onity responded with a way to patch the weakness in August, but the fix required hotels to make costly hardware repairs to millions of locks as well as pay for a more secure version.

Security experts believe the expense has likely left a huge percentage of hotel rooms with the easily cracked model.



Jakubowski's refined version can pop most locks in a fraction of a second.

Even if security searched a guest, it's unlikely many people would see a dry erase marker as a threat.



And future versions may be even smaller and easier to conceal.

'This is by no means the best solution or the only solution to make this fit into a pen, but for what we had available and with the time we had to do it, it's what we were able to come up with,' Jakubowski wrote in a blog post explaining the hack.

