NFC Security Awareness Project

Warning Messasge

http://www.wallofsheep.com/pages/05c28a34e2eeeefaeeca2e6796a06ae572f4814e3c5c592652468da5a9c2a55e

 

The invariable problem with new technologies is the potential for new attack vectors. Near Field Communication (NFC) is gaining momentum as an added feature within smartphones and tablets.

 

NFC is an amazing tool for marketing and advertising because the experience becomes enriched with interactive content. Consumers can be incited with free samples of media delivered using NFC.

 

The potential risk comes from someone with malicious intent creating or replacing an existing NFC tag with infected content.

 

Malicious intent can vary from collecting unauthorized information about the device to changing the device settings to delivering malicious software to the device for remote access.

 

To demonstrate the risk, we gave out buttons with NFC tags hidden within, as well as placing NFC tagged posters (see below) all around the DEF CON. 

 

Our theory was if we could convince the most security savvy individuals, at what is known to be the world’s largest hacker conference, the average smart phone user would be at a significant risk.

 

At DEF CON, our theory proved to be correct as we were successfully able to entice approximately 50 attendees to scan our NFC tagged posters and buttons that “could” have been infected.

 

We then gave a controlled live demonstration of what someone with malicious intend could really do to a smartphone user with NFC enabled.

 

The demonstration was as follows:

 

Using a brand new fully patched Galaxy S4, we were successfully able to download and install malware by scanning a malicious tag. The malware duplicated all SMS messages from the infected host to a mobile phone of our choosing.

 

After this rather scary demonstration, we then encouraged the crowd to use caution when scanning NFC tags they don’t control.

 

NFC Awareness Project - Poster

 

Exclusive Poster Code - Music

http://www.wallofsheep.com/pages/50a6b99d195ca35513c9bc5dc39da7b267ec82e8a15557fc81d912ad2f1fee4b

 

Rick Roll'd

http://www.wallofsheep.com/pages/12af61c70e2355fdb1127542af44aea0131ce464bf6372b565c9a58a6511b011

 

Example Button

 

 

Malware Device Access

Example of the Fake Security Suite 

 

CREDIT

David Schwartzberg

Brian Markus

Joseph Mlodzianowski

Robert Scott

 

Additional Research Used

žCharles Miller

—https://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf&ei=bTEHUcrPOaigyAHRxYDAAQ&usg=AFQjCNGGIHCKVpXSfkHTj9BOdVrL2sUzjg&bvm=bv.41524429,d.aWc

žP4r4n0id Research
—http://p4r4n0id.com/?p=638
žAnd several others who asked not to be named.