Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds (Video)

/in


https://www.vecteezy.com/photo/24543747-hand-using-keycard-for-smart-digital-door-lock-while-open-or-close-the-door-at-home-or-apartment-nfc-technology-fingerprint-scan-pin-number-smartphone-and-contactless-lifestyle-conceptshttps://www.vecteezy.com/photo/24543747-hand-using-keycard-for-smart-digital-door-lock-while-open-or-close-the-door-at-home-or-apartment-nfc-technology-fingerprint-scan-pin-number-smartphone-and-contactless-lifestyle-concepts

When thousands of security researchers descend on Las Vegas every August for what’s come to be known as “hacker summer camp,” the back-to-back Black Hat and Defcon hacker conferences, it’s a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city’s elaborate array of casino and hospitality technology.

But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room, competing in a suite crowded with their laptops and cans of Red Bull to find digital vulnerabilities in every one of the room’s gadgets, from its TV to its bedside VoIP phone.

One team of hackers spent those days focused on the lock on the room’s door, perhaps its most sensitive piece of technology of all. Now, more than a year and a half later, they’re finally bringing to light the results of that work: a technique they discovered that would allow an intruder to open any of millions of hotel rooms worldwide in seconds, with just two taps.

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries.

By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock’s data, and the second opens it.

“Two quick taps and we open the door,” says Wouters, a researcher in the…

Source…

Crypto exchange hacker gets jail time

/in


Feds boost home buyers plan withdrawal limit to $60,000

Expanded HBP, combined with FHSA, could help first-time buyers build down payment faster

CRA launches new verification method for online access

The new verification process will be more convenient, but not all taxpayers will benefit

Industry moves this week

Notable news comes from banking, and a new leader joins Sterling Mutuals

Feds to propose funding for CRA real estate audits in 2024 budget 

Ottawa said it is targeting tax fraud in the housing sector

Source…

Malware Alert: Windows Devices in Crosshairs of New Threat Byakugan!

/in


Windows devices are now under a new threat – a malware named Byakugan, stealing sensitive data and providing remote access to attackers.

What is Byakugan?

Byakugan is a sophisticated malware that specifically targets Windows devices. It’s built using node.js and includes a variety of libraries such as a screen monitor, miner, keystroke recorder, file manipulator, and browser info stealer. This allows the intruder to steal sensitive data including cookies, credit card details, downloads, and profiles filled automatically. To add salt to the wound, Byakugan can even mine cryptocurrencies using the victim’s CPU or GPU resources.

Distribution and Infection Method

The malware is primarily distributed via a phishing campaign, where victims are lured with a fake PDF file containing a malicious link. The infection starts when the victim clicks this deceptive link. The process continues as a file named require.exe is deposited followed by the downloading of an installer program into a temporary folder. A DLL file is then manipulated through DLL hijacking, to execute require.exe and download the malware’s main module.

The Main Module

The main module of this malware is downloaded from the site thinkforce.com. This server not only aids in distribution but also doubles as a control panel for the attacker, allowing further exploitation and manipulation of the infected device.

Past Incidents

Similar attacks have been carried out before. Adobe was previously targeted with an infostealer disguised as an Adobe Reader install program, prompting users to download what they thought was Adobe Reader, but in reality was a malicious file. Two harmful files were created and a Windows system file was run with admin rights. The malicious DLL file managed to bypass User Account Control (UAC) through DLL hijacking.

About Acrobat Reader DC by Adobe

Acrobat Reader DC by Adobe is a top-notch office tool that is widely used for reading, commenting, printing, and signing PDF documents. It’s a key competitor to Word but distinguishes itself with its superior efficiency and its seamless connection to Adobe’s cloud. It’s a free and highly recommended software for Windows, Android, and iOS users.

Source…

The Logical Evolution Of Data Security

/in


Manny Rivelo is the CEO of Forcepoint.

Recently, I received a notification from a big hotel chain in Las Vegas of a recent data hacking incident. I’ve only stayed at that hotel once or twice in my life, but my personally identifiable information (PII)—my driver’s license and my credit card information—was now at risk of being spread all over the internet or dark web. It’s a letter no company wants to send to its customers. Data breaches like these are costly and the reputational harm is incalculable. And it does cause me to pause in considering if I will ever stay there again.

Managing an unprecedented volume of data spread across numerous devices is the data management challenge that organizations across industries, such as hospitality, healthcare, financial services and more, face today. The fundamental question that arises for these businesses is: How can they accurately track their data—determine its location, manage access and control user interactions? Addressing these concerns requires an evolution in data security practices that I believe must occur in three crucial areas.

The Modern Convergence Of Data Security And Networking

In the contemporary business environment, most organizations entrust their infrastructure and software management to cloud, SaaS and PaaS providers. However, they’re realizing they need to retain control of their data. Everyone has their own motivations and business reasons for protecting different types of sensitive and critical data, which is dispersed in multiple clouds—in various public clouds, traditional data centers and personal devices far from corporate headquarters.

The theft of intellectual property is a competitive issue, whereas breaches of regulated data like PII, in my case, or personal health information (PHI) trigger compliance mandates and financial penalties. All types of data loss are rapidly becoming board-level, existential threats.

Consequently, data and network security are increasingly intertwined as the network has become key to how sensitive data is accessed. Success in this context hinges on implementing consistent security policies across diverse networks and clouds, supported by robust…

Source…