Hollister UK
Image default
Architecture

Vulnerability of smart locks

Smart devices are trendy and sell well. Therefore, many companies constantly launch new smart devices at such a high speed that security can only play a minor role. The KeyWe Smart Lock is one such new smart product. Designed to make life more comfortable, it features both a mechanical and an electronically controllable locking mechanism. This allows for additional functionalities, including generating unique guest codes, unlocking the door due to a device nearby, etc. However, convenience always comes at the expense of security.

Device Overview

The KeyWe Smart Lock consists of three main parts:

  • The front plate – used for interacting with the lock
  • The mechanical lock – used both by the software and as a standalone device
  • The backplate – provides power and moves the mechanical part of the lock

Front plate and backplate are electronically connected. If someone tries to forcibly disconnect the connection, an alarm is triggered.

The lock can be opened in various normal ways:

  • Mechanically – with a key
  • Using the app on a mobile device (no additional confirmation required)
  • With a transponder bracelet (NFC – Mifare Classic)
  • With special picking tools

Lock Disassembly

Disassembling the lock into the front and back plates, their visual inspection – without identifying the components – clearly shows the purpose of the individual components.

The front plate is only used for user input (numeric keypad and RFID chip). On the back plate, which the attacker cannot access, all application logic is controlled. Serial and JTAG access attempts on the control led to no results. However, a component identification showed that an STM microcontroller is used. At one of the exposed SWIM ports (Single Wire Interface Module), a used debug protocol seemed to remain activated. After soldering the pins and using an ST-LINK adapter, the device firmware could be secured.

The hacking of the KeyWe Smart Lock serves as a stark reminder of the vulnerabilities inherent in smart devices. As real estate agents in Germany consider adopting such technologies to enhance operational efficiency and convenience, it’s crucial to weigh these benefits against potential security risks. By staying informed about the latest developments in cybersecurity and prioritizing secure practices, real estate professionals can safeguard their operations and maintain the trust of their clients.

If you’re interested in ethically discovering vulnerabilities in locks and enhancing your security knowledge, consider visiting lockpickings.com. It’s a resource where you can learn more about the art of lockpicking, understand the mechanics behind locks, and contribute to a community dedicated to responsible security exploration.

https://www.lockpickings.com/