Hacker implants chip to exploit Android phones

Plenty of people these days are prepared to augment their bodies with face furniture, piercings, rings and tattoos.

But would you implant a chip in your hand to show how easy it is to exploit an Android phone?

That’s what former US navy petty officer Seth Wahle did, in an attempt to demonstrate how business networks could be compromised.

Wahle took an NFC chip, similar to the kind found in many of today’s smartphones, and injected it between the thumb and finger of his left hand. According to Forbes, the injection was something of an eye-watering experience.

But implants aren’t for the squeamish. Wahle says the needle was bigger than he’d expected when he had the chip implanted by an “unlicensed amateur” for $40, enough to make him want to vomit. He says he had to go through a backstreet operation due to Florida’s restrictive body modification laws.

Unfortunately for lovers of Hollywood techno-thrillers, the attack itself is fairly lame.

As the article in Forbes describes, for the exploit to be successful the victim has to click on a link sent to his Android device by the implanted NFC chip:

It has an NFC (Near Field Communications) antenna that pings Android phones, asking them to open a link. Once the user agrees to open that link and install a malicious file, their phone connects to a remote computer, the owner of which can carry out further exploits on that mobile device.

Put simply, that Android device is compromised. In a demo for FORBES, Wahle used the Metasploit penetration testing software on his laptop to force an Android device to take a picture of his cheery visage.

Source: Trip Wire