August 22, 2024 at 01:54PM
Cybersecurity researchers discovered a hardware backdoor in a specific model of MIFARE Classic contactless cards, enabling unauthorized access to open hotel rooms and office doors. The backdoor allows compromising user-defined keys and can be executed through a supply chain attack. Consumers using these cards, widely used in hotels across the U.S., Europe, and India, are advised to check for susceptibility.
Key Takeaways from Meeting Notes:
– Hardware backdoor discovered in a specific model of MIFARE Classic contactless cards, allowing unauthorized access to hotel rooms and office doors.
– Backdoor affects FM11RF08S variant released in 2020, allowing compromise of all user-defined keys on the cards.
– Similar backdoor identified in previous generation FM11RF08, with observed instances dating back to November 2007.
– Attack can be executed instantaneously by an entity carrying out a supply chain attack.
– Consumers, especially those in the hospitality industry, urged to check susceptibility to the backdoor.
– Security issues previously found in other hotel locking systems, such as Dormakaba’s Saflok electronic RFID locks.
– Follow company’s Twitter and LinkedIn for additional exclusive content.
Let me know if you need any further details or if there’s anything else I can assist you with!