Skip to main content

DEF CON attendee finds 75 percent of Bluetooth smart locks are open to hacks

bluetooth smart locks easily hackable 39577996 ml
Alexander Kirch/123RF
At this year’s annual DEF CON hacking conference in Las Vegas, a duo of researchers made the startling discovery that roughly 75 percent of Bluetooth-powered Low Energy smart locks are susceptible to hacks. What’s arguably a touch more unsettling than the researchers’ findings, however, is the fact the manufacturers of these at-risk locks — companies like Ceomate, Vians, Quicklock, and others — didn’t seem overly concerned their products contained such holes. Considering a large part of smart home innovation is geared toward making homes safer, these findings certainly won’t be attracting new customers anytime soon.

While attending the DEF CON conference last week, electrical engineer and smart home researcher Anthony Rose took to the task of testing 16 different Bluetooth smart locks. Along with research partner Ben Ramsey, the duo found that 12 of the reviewed locks featured at least some amount of wireless access when attacked. Furthermore, Rose and Ramsey say that the difficulty of successfully hacking each product was various, as some proved to be rather easy to access while others boasted a slightly harder barrier for entry.

The August Smart Lock
August

“We figured we’d find vulnerabilities in Bluetooth Low Energy locks, then contact the vendors,” Rose told Tom’s Guide. “It turned out that the vendors don’t really care. We contacted 12 vendors. One one responded, and they said, ‘We know it’s a problem, but we’re not gonna fix it.'”

Obviously, a statement of that nature is particularly troubling, though it’s the actual vulnerabilities Rose and Ramsey found that are especially damning to the companies involved. Of the 12 locks boasting security holes, four of them willingly sent a user’s password — in plain text — to a smartphone, meaning someone who knows their way around a Bluetooth sniffer wouldn’t have to struggle much to obtain a critical password. Additionally, Rose and Ramsey reported that Quicklock’s Doorlock and Padlock models even offered to send the password multiple times, allowing them to change the password and effectively cut off access to the original owner.

“Vendors prioritize physical robustness over wireless security,” Rose added. “Our recommendation to anyone who owns one of these smart locks is to turn off Bluetooth on the smartphone when it’s not in use.”

Though a few of the manufacturers with hacked locks claim they encrypt a user’s password when it’s transmitted via Bluetooth, Rose and Ramsey still reported having the ability to swipe the password out of thin air before sending it back to the lock itself. By doing this, the smart lock would then unlock itself without the original owner knowing or either of the researchers needing to decrypt and encrypted password.

So who passed the test? According to the pair of researchers, models released by August and Kwikset boasted enough security — i.e., no hard-coded passwords, proper encryption, and two-factor authentication — to pass as somewhat secure. It is worth noting that a different researcher at DEF CON claims to have hacked the August Smart Lock so, take Rose and Ramsey’s pseudo-seal of approval with a grain of salt.

Editors' Recommendations

Rick Stella
Former Digital Trends Contributor
Rick became enamored with technology the moment his parents got him an original NES for Christmas in 1991. And as they say…
Lockly smart lock adds voice controls, fingerprint sensor to existing deadbolts
The Lockly Flex Touch Pro installed on an existing deadbolt.

Lockly seems to have kept renters in mind with its latest product, the Flex Touch Pro. Unlike most traditional smart locks, this one doesn’t require you to install a new deadbolt -- yet still manages to add both voice controls and a fingerprint scanner to your front door.

The Flex Touch Pro was revealed during CES 2023 and is scheduled to be released in the first quarter of 2023 with a price tag of $230. That pricing puts it right in the middle of the smart lock market, although its retrofitting design and impressive biometric features should make it an appealing option for both renters and homeowners. The product comes with three unique frames to offer a nearly universal fit and supports Wi-Fi for remote access, letting you check in on the status of your door regardless of where you are.

Read more
Why aren’t smart locks and video doorbells the same device?
eufy by Anker Security Video Smart Lock installed on corner.

From security cameras and deadbolts to light bulbs and more, the past few years have seen an explosion of new smart home products. You’ve probably noticed Ring doorbells installed on your neighbors’ front porch when out for a walk -- and if you haven’t, you’re probably at least familiar with one of a dozen different viral videos captured by them.

Despite the boom in smart gadgets, there’s an absolute dearth of smart locks that double as doorbell cameras. The two products seem like a match made in heaven, letting you secure your home and monitor it at the same time, but few manufacturers have experimented with the format. However, there are a few good reasons as to why these smart lock + video doorbells are so scarce.
They do exist, actually

Read more
Bluetooth hack compromises Teslas, digital locks, and more
Tesla Model 3 keycard.

A group of security researchers has found a way to circumvent digital locks and other security systems that rely on the proximity of a Bluetooth fob or smartphone for authentication.

Using what’s known as a “link layer relay attack,” security consulting firm NCC Group was able to unlock, start, and drive vehicles and unlock and open certain residential smart locks without the Bluetooth-based key anywhere in the vicinity.

Read more