Hotels warned after hacker shows off device that can open 4 million room locks

The device 
By: Ryan Lee Hall 

(Scroll down for video) A new device that looks like a marker was designed to pop open millions of hotel locks in just seconds, hotels around the wold were warned.

This invention may be seen as a harmless dry-erase marker, but in reality, it is the final solution for the electronic lock.

In a post titled “James Bond dry erase marker,” Matthew Jakubowski, the hotel hacker, showed how anyone can build this pocket device that opens the lock of millions of hotel rooms.

"I guess I wanted to show that this type of attack can happen with a very small concealable device," Matthew Jakubowski said. Someone with this could be searched and it would still not be obvious that this is not just a pen.

The device takes advantage of a vulnerability in Onity locks, used in millions of hotel rooms.

Onity boasts that its locks are used by 22,000 hotels worldwide.

The lock has a small port on the bottom designed for hotels to set master keys.

Hacker Cody Brocious discovered he could read lock memory through this port, including a decryption key.

Borcious showed a large device, unwieldy that could open a small percentage of locks this July at the Black Hat security conference.

Onity responded with a way to fix the weakness in August, but forced hotels to make expensive repairs to hardware on millions of locks and pay for a safer version.

Security experts believe that this spending has probably left a large percentage of the rooms with the model that can easily be hacked.

Jakubowski’s refined version can pop most locks in a split second.

Even if a guest goes through security, it’s unlikely many people would see a dry erase marker as a threat.

And future versions may be even smaller and easier to hide.