The device exploits a vulnerability in Onity locks, a cheap lock used on millions of hotel room doors. Onity's site boasts their locks are used in 22,000 hotel worldwide.
The lock has a small port on its bottom designed for hotels to set master keys. Hacker Cody Brocious discovered you could read the lock's memory through this port, including a decryption key. Borcious demonstrated a large, unwieldy device that could open a small percentage of locks this July at the Black Hat security conference.
Onity responded with a way to patch the weakness in August, but the fix required hotels to make costly hardware repairs to millions of locks as well as pay for a more secure version. Security experts believe the expense has likely left a huge percentage of hotel rooms with the easily cracked model. Jakubowski's refined version can pop most locks in a fraction of a second."