When a hacker reveals a neat new trick at a high-profile hacking conference such as Def Con, it's usually just a matter of time before someone reproduces his technique in the wild.
In August, noted hacker Samy Kamkar unveiled a $30 device able to unlock several models of cars and garage doors. Less than two months later, someone is reportedly using it to break into people's homes in Whitestown, Indiana, a town with less than 4,000 inhabitants outside of Indianapolis.
The unidentified burglar, or burglars, have hacked the garage doors of "at least a dozen homes," apparently using Kamkar's device, according to a local news report.
The local TV report doesn't name the device, which Kamkar dubbed RollJam, but it does display a public picture of it during the broadcast. Police Chief Dennis Anderson describes it as a "handheld" transmitter that steals garage codes, just like Kamkar's RollJam. One of the sources in the report, moreover, also seems to implicitly refer to RollJam when he says that "anytime a thief can get something and they can get into anyone's garage or home for $30 that would be concerning to me."
But it's unclear how the police, or the TV station, can be so sure that the burglars are indeed using Kamkar's device. The Whitestown Metropolitan Police Department did not respond to Motherboard multiple requests for comment.
Kamkar himself was surprised by the report.
"Crazy," he told Motherboard in an email. "I'm not sure what to make of it."
Kamkar, who rose to fame ten years ago, when he gained one million friends on MySpace in just a few hours thanks to a clever and unprecedented virus, has yet to release the technical specs, as well as the code, behind RollJam. So it's impossible that the burglars just copied it from him.
"I never released a line of code [...] so maybe they're just putting 2 and 2 together, but somehow getting 5."
"I never released a line of code," he added. "The picture they're using is from the internet, not one they took, so maybe they're just putting 2 and 2 together, but somehow getting 5."
A few months ago, Kamkar revealed that a burglar only needed a modified kid's toy to unlock garage doors, but this device, dubbed OpenSesame, only worked with certain, older models of garage doors. Kamkar, who usually releases all the code and specs of his hacks, so that others can recreate his research, this time only released a bungled version of the code, so that random criminals couldn't abuse it.
Given that both OpenSesame and RollJam took advantage of the fact that garage and car key manufacturers are still using the outdated technique of rolling codes, it's possible that someone has hacked their own code-stealing device.
When he presented RollJam in August, Kamkar said that "most manufacturers don't really do anything until you demonstrate an issue," and that "it's only when it's public knowledge that people begin to improve."
Perhaps now that burglars are potentially using this technique, the world will take notice.