
Hacker Implants NFC Chip in His Hand to Bypass Security Scans and Exploit Android - cgtyoder
http://www.forbes.com/sites/thomasbrewster/2015/04/27/implant-android-attack/
======
binarymax
_" Such an implant doesn’t get picked up at airports and so on, the amount of
metal in it is far far less than wearing a watch or wedding ring."_

why not use a device embedded in a watch or wedding ring instead of injecting
yourself with a piece of tech that can be obsoleted with a patch? Security
personnel won't suspect such things.

~~~
joeyspn
Or in a simple wristband (powerbalance, etc..)

~~~
throwitout
or put the NFC device in something like a barbell or ring, and pierce a part
of the body where you'd normally find a piercing.

You'd always have it on you, and be able to swap it out as upgrades are
required.

------
_ikke_
NFC in Android is not active while the device is locked [0]

> Android-powered devices are usually looking for NFC tags when the screen is
> unlocked, unless NFC is disabled in the device's Settings menu.

So to use this, the hacker already needs an unlocked device, in which case
it's just as easy to download the payload directly.

Usually, the range for NFC to work is quite close, 4 cm or less [1], and I
don't think these chips have the capability to increase the range.

[0]:
[http://developer.android.com/guide/topics/connectivity/nfc/n...](http://developer.android.com/guide/topics/connectivity/nfc/nfc.html)

[1]:
[https://developer.android.com/guide/topics/connectivity/nfc/...](https://developer.android.com/guide/topics/connectivity/nfc/index.html)

~~~
sschueller
I am able to pay with NFC on my note 3 without waking up the phone or
unlocking it. [0]

[0] [https://www.tapit.ch/en](https://www.tapit.ch/en)

~~~
rstuder
In the case of Tapit NFC does not communicate with the OS or the apps of the
phone. NFCcommunicates directly with the SIM card and the applets installed on
there. You can actually have your phone turned off and Tapit will still work.
(Source: I support the Tapit team)

------
DEinspanjer
I recorded a video that shows my hand a week or so after my installation:
[https://www.youtube.com/watch?v=WeIqDlaatp0](https://www.youtube.com/watch?v=WeIqDlaatp0)

This was an xNT NFC tag: [https://dangerousthings.com/shop/xnt-ntag216-2x12mm-
glass-ta...](https://dangerousthings.com/shop/xnt-ntag216-2x12mm-glass-tag/)

Turns out it wasn't installed too shallow, I just have thin and pale skin
which makes it very visible. :) The scar did disappear completely. Still use
it on my door locks and with a couple of apps on my phone.

Not sure if the antenna coil on this person's NFC chip is larger or better
orientated than mine, but one thing I'll say is that it isn't that easy to get
a random phone to pick it up. It took me several tries to figure out where I
had to put my hand, and a few weeks before I could quickly and reliably get it
to scan on the first try.

If I scan it with someone else's phone, it still takes several tries. The
antenna on most phones isn't very large, and the antenna on the NFC chips are
miniscule, so getting the right orientation and position isn't as easy as
swiping an RFID or NFC badge.

------
athoik
Surgery: [https://xkcd.com/644/](https://xkcd.com/644/)

------
FLUX-YOU
>A combination of pallid skin, hoody and laptop is the biggest giveaway. Such
hackneyed images of hackers are, of course, evidently wrong, bordering on
offensive

Damn straight it's offensive. I spent a lot of money on a suit, skimask and
laptop.

~~~
patcheudor
>Going by hacker stereotypes, it’d be pretty easy to physically identify
anyone committing an act of digital crime. A combination of pallid skin, hoody
and laptop is the biggest giveaway.

Our pen-testing group has members who fit that exact stereotype. We've found
that people don't care, even when acting suspicious. In fact, it gets more
interesting. Awhile back we all picked up blue prison work jumpsuits from a
local surplus store that say "Work Crew" on the back in faded lettering. When
combined with a small red toolbox it seems prison jumpsuits are as good as a
firefighters uniform for gaining access to places. I've become bold enough
while wearing mine that I've openly picked locks on doors in busy offices. I
haven't been caught yet & the assessment photos really hit home far more in
the end-of-review report. It's pretty easy for a manager to dismiss a
compromise by someone dressed as a fire fighter but not so much when its some
dude in a prison jumpsuit.

~~~
spacemanmatt
I love this. You have taken pen-testing to a level of security-shaming.

~~~
jacquesm
Standard trick to enter a building you have no business being in: carry a
large cardboard box while walking up to the door just behind someone else.
Better than even money they'll hold the door open for you.

------
davidgerard
> A combination of pallid skin, hoody and laptop is the biggest giveaway.

Bah _(waves)_ everyone knows that _hackers_ wear business suits and
balaclavas.
[https://www.google.co.uk/search?q=stock+photo+hacker&tbm=isc...](https://www.google.co.uk/search?q=stock+photo+hacker&tbm=isch)

------
hobarrera
There's little research into these sort of implants, but lots of potential,
IMHO.

At one point, I though about a subdermal RFID to use with an RFID door-lock.
Then I realized it can trivially be copied and spoofed, so no. I'm currently
considering the utility of an NFC chip which shares a vcard (vcf) to quickly
share contact details. Sound doable, trivial, and somewhat useful.

~~~
crististm
I've heard that these implants also get you some piece of mind knowing that
you are safe/secure. Dogs get these implants too and they look more
intelligent then those who don't get to have them.

~~~
13
Would be amusing to program the RFID in someone's dog to open the front door
though, necessitating picking up a German Shepard to hold it up to a reader.
Better still make the dog a spare key and nobody would ever notice.

~~~
thrownaway122
Cat flaps already do this...

~~~
pvaldes
Mhhh... I realise now that cats are the perfect NSA intrusion mecanism in
fact. You can put some kitten of troy in front of the port of a hacker and
your feline agent will couple and connect with the hacker laptop with a 100%
of accuracy for many minutes each day. Is the perfect crime, if we think about
it... they could call it, the PPP (Pretty Pink Panther) project.

~~~
pavel_lishin
[http://en.wikipedia.org/wiki/Acoustic_Kitty](http://en.wikipedia.org/wiki/Acoustic_Kitty)

~~~
pvaldes
20 million spent and the cat was released and inmediately killed by a taxi?.
Monty-pythonesque. Reality is always better than fiction :-)

Time to create the Rule 36 of internet?: if exists, someone will try to spy
it.

~~~
thrownaway122
These people clearly did not have any experience with cats. What does a cat do
when released into a strange place? It panics and then hides.

------
fmela
> He first had to acquire the chip, designed to be injected into cattle for
> agricultural uses, from Chinese company Freevision (see images below for
> their animal products and the sizeable syringe used by Wahle). But the chip,
> which has just 888 bytes of memory

Something tells me that the 888 byte memory limit is intentional.

~~~
ptaipale
What you won't find is a chip with 444 bytes of memory. That would be a killer
(not in a positive sense).

------
mpclark
Think of all the ways you could tempt a phone user to visit a specific URL. An
email, Twitter, a QR code, graffiti etc. This is just another one of those --
and not particularly easy to execute, at that.

And if I wanted to carry a URL across borders or into a secure facility I
would memorise a bitly link.

~~~
DEinspanjer
Yeah. Even a QR code could be much easier to deal with. Maybe as a follow-up
they'll demonstrate using a tattoo of a QR code. ;)

------
castell
All registered dogs already need a NFC implant. Hopefully this requirement
will never ever carry on to human beings - it's like 1984.

[edit: Technically the dog implants use RFID. NFC standards cover
communications protocols and data exchange formats, and are based on existing
radio-frequency identification (RFID) standards including ISO/IEC 14443 and
FeliCa. There are several RFID frequency bands like 13.56 MHz:
[http://en.wikipedia.org/wiki/Radio-
frequency_identification#...](http://en.wikipedia.org/wiki/Radio-
frequency_identification#Frequencies) ]

~~~
cgtyoder
What country? Certainly not the US.

~~~
chiph
The EU Pet Passport, that lets Fido skip Rabies quarantine, require that he
have an implanted chip.

[http://ec.europa.eu/food/animal/liveanimals/pets/qanda_en.ht...](http://ec.europa.eu/food/animal/liveanimals/pets/qanda_en.htm)

------
neotek
I've wanted to do this (implant an RFID chip, not exploit Android phones) for
a while now but I can't figure out how to get it done here in Australia.
Anyone have any suggestions?

~~~
PhasmaFelis
It's not exactly an above-board medical procedure in the US, either. What are
body modification laws like in Australia? I think most of the Americans with
this sort of implant had them done by professional body piercers, which is
legal in most US states (though possibly not Florida, going by the article).
Of course, many piercers won't want to, and in any case they aren't licensed
to use anesthesia, which you may consider a drawback.

I would say your best bet is to Google for info on how it's done and on the
legality of under-skin cosmetic implants in Australia, then take your findings
to local body piercers and see if you can find any willing to do it.

~~~
neotek
Thank you, I'll do as you suggest.

------
jordigh
This reminds me so much of cyberpunk fantasy and of the Panther Moderns
sporting microsofts. Backstreet chip implants for enhancing hacking skills.

------
lucb1e
A friend of mine did this as well. Didn't know this was cool enough to get on
Forbes.

------
frozenport
Is it socially acceptable to walk around exploiting other people's devices :-)

~~~
juliangregorian
The whole premise of social engineering is subverting what is considered
socially acceptable.

------
rlonstein
A friend implanted an RFID in 2005...
[http://screwdecaf.cx/chipped.html](http://screwdecaf.cx/chipped.html)

I suppose the bloviating about security and Android is a twist on the story.

------
amelius
Can somebody explain how this could possibly work in a world where strong
encryption is already commonplace?

------
before
> Exploit android

> It has an NFC antenna that pings Android phones, asking them to open a link.

