Hackers Found Backdoor in High-Security Safes—Opens in Seconds

Security researchers have uncovered significant vulnerabilities in high-security electronic safes, specifically affecting Securam Prologic locks used in various brands, including Liberty Safe. The vulnerabilities allow unauthorized access to safes in mere seconds, raising concerns about the security of items stored within, such as firearms and narcotics. James Rowley and Mark Omo, the researchers, initiated their investigation after learning that Liberty Safe had provided the FBI with a code to open a safe related to the January 6 Capitol incident. Rowley noted, 'How is it possible that there's this physical security product, and somebody else has the keys to the kingdom?' This statement reflects the shocking implications of the findings. Their research revealed two major vulnerabilities: one is a backdoor intended for locksmiths that can be exploited by hackers, and the other involves a hidden port in the lock that allows for the immediate retrieval of a safe’s unlock code. The vulnerabilities affect at least eight brands of electronic safes, significantly undermining the perceived security of these devices. The researchers highlighted that the ease of access through these vulnerabilities poses a severe risk to users. In the context of these findings, experts are calling for enhanced security protocols for high-security locks, especially considering their use in securing sensitive items. Rowley and Omo's findings have prompted discussions within the security community regarding the need for manufacturers to address these vulnerabilities promptly. As the investigation continues, security professionals are urging users of electronic safes to remain vigilant and consider additional security measures. The researchers have not yet disclosed specific model numbers or version details that are affected, but the implications of their findings are profound, particularly for those who rely on these devices for safeguarding valuable or dangerous items. The industry response may include updates and patches from manufacturers to address these vulnerabilities, and users are encouraged to monitor developments closely.