Man hacks Android smartphone by implanting a NFC chip in his hand
Implants for cattle, used by hacker Seth Wahle to launch Android attacks

Man hacks Android smartphone by implanting a NFC chip in his hand

When you are holding an Android phone, you just hold it. However, when Seth Wahle holds the same Android phone, an NFC chip in his hand can load a malignant web page that misuses the phone. So, does that mean that you should not let people touch your phone henceforth? Well, you do not have to go berserk just yet.

Man hacks Android smartphone by implanting a NFC chip in his hand

The first phase in converting himself into a walking, talking Android hack was for Wahle to find an NFC chip appropriate for implantation. That’s not the kind of thing one can order on Amazon, after all. He was ultimately able to buy some Schott 8625 Bio-glass capsules with embedded NFC tags from a company in China. These tags are mostly used to recognize livestock in an agricultural setting, but the bio-neutral tubes work equally well in humans.

Wahle could not have implanted the chip by a doctor considering the many types of body modification. As a result, he had an “unlicensed amateur” inject it with a special syringe. Wahle resides in Florida, which has strict body modification limitations. However, in most other places you can get a professional piercer who will do implants of various types. The chip in Wahle’s hand lets him send a web page to any Android phone with an NFC chip, and this page is the key to his misuse.

The hack needs that the person using the phone manually load the file downloaded via the web page. This means that you need to go to the system settings to disable a security setting. Once the file is installed, the app connects to a remote server and let’s the attacker to commandeer the device. In this case, he lead the phone to take a picture. It’s even not close to being a silent app install, but it’s an amusing proof of concept. By simply touching the phone if you can get some kind of data then that would expand your options for misusing it. This may result in some future susceptibility leading to an attack without installing an app.

Wahle is scheduled to demonstrate his process at the Hack Miami conference in May. Let’s be fair, though. Why would you want to inject yourself when you can pretty much do the same thing by hiding a regular NFC chip in the palm of your hand? Seth Wahle clearly has a knack for excitement.

Resource : Forbes

LEAVE A REPLY

Please enter your comment!
Please enter your name here