Hackers Can Now Quickly And Easily Open High-Security Safes

Security researchers discovered major weaknesses in electronic safe locks, affecting at least eight brands designed to protect guns, cash, and narcotics.

James Rowley and Mark Omo began investigating after learning Liberty Safe had given the FBI a code to open a suspect’s safe in 2023. “How is it possible that there’s this physical security product, and somebody else has the keys to the kingdom?” Omo asks,according to a detailed report by WIRED.

The researchers found two methods to access Securam ProLogic locks installed in Liberty Safes, and many other models. The ‘ResetHeist’ technique lets users create new unlock codes by analyzing information stored in the lock’s firmware. The second method, called ‘CodeSnatch’, allows users to retrieve a “super code” by plugging into a hidden port, which they say is “really not that challenging” to exploit.

Securam’s CEO, Chunlei Zhou, told WIRED the vulnerabilities are “already well known to industry professionals” and require “specialized knowledge, skills, and equipment.” Omo and Rowley disagree, saying one method needs no special gear and is far more serious than drilling or cutting a safe.

The company plans to address the security flaws through an upcoming new product line. However, Wired noted that it refused to provide updates for existing locks. Hence, customers who want enhanced security must purchase new locks.

Senator Ron Wyden says the findings prove his warnings about backdoors. “Experts have warned for years that backdoors will be exploited by our adversaries […] This is exactly why Congress must reject calls for new backdoors in encryption technology.”

Omo and Rowley are sharing their findings now to alert safe owners. “We want Securam to fix this, but more importantly we want people to know how bad this can be,” Omo says to WIRED. “Electronic locks have electronics inside. And electronics are hard to secure.”