Hackers Found Backdoor in High-Security Safes, Can Open Them in Seconds
- Security researchers James Rowley and Mark Omo discovered vulnerabilities in Securam ProLogic locks used in electronic safes.
- They found two methods to exploit these vulnerabilities: ResetHeist, which allows computing a reset code via firmware analysis, and CodeSnatch, which extracts a 'super code' via a debug port.
- Securam locks are used by multiple safe manufacturers, including Liberty Safe, Fort Knox, and others, affecting safes storing firearms, cash, and narcotics.
- The researchers disclosed their findings at the Defcon hacker conference after facing legal threats from Securam.
- Securam's CEO claimed the vulnerabilities were known to industry professionals and required specialized knowledge to exploit, but the researchers disputed this.
- US senator Ron Wyden had previously warned about the risks of backdoors in locks made by Securam, which is owned by a Chinese parent company.
- The researchers emphasized the broader issue of weak cybersecurity standards in consumer products and the need for public awareness.
- Securam plans to fix the vulnerabilities in future models but will not update existing locks, advising customers to replace them instead.