How Does a Drive-By NFC Hack Work?

Basics of An NFC Hack

What is an NFC hack, anyway? Why is this particular form of wireless connection so vulnerable?

It has to do with the way that NFC is implemented on particular devices. Because NFC is a connection based on convenience, and because there aren’t many security checks in place, a bump could end up uploading a virus or malware or some other malicious file to the bumped device. And if the NFC implementation is insecure, that file could be automatically opened by the device.

Imagine if your computer automatically opened any file that it downloaded off the Internet. All it would take is one mistaken click on a bad link for your computer to auto-install malware. The concept is similar for NFC.

With these malicious apps running in the background, your phone could be secretly forwarding bank PINs and credit card numbers to an unauthorized person somewhere across the world. A virus might open up other vulnerabilities, allowing the malicious user full privileges to your device to read your email, texts, photos, and third-party app data.

The crux of the issue is that NFC transfers can be executed without the user even knowing a transfer is in progress. If someone could figure out a way to hide NFC tags in inconspicuous places where phones are likely to bump up against, they could upload malicious data onto NFC-enabled devices without people even realizing it. Hacker group, Wall of Sheep, proved this with NFC-tagged posters and buttons.

How to Protect Yourself Against NFC Hacks

The most effective way to secure against NFC vulnerabilities is simply not to use NFC at all. However, if you want to use functions like contactless payments, then there are steps you can take to make it more secure.

Compartmentalize your sensitive accounts. If you use your NFC device for, say, quickly making payments through Google Wallet, then one way to stay safe is to have a separate account just for NFC. That way, if your phone is ever compromised and your Google Wallet information is stolen, it will be the dummy account that’s stolen rather than your main account.

Turn off NFC when you aren’t using it. This prevents accidental bumps from delivering unwanted programs and malware to your device. You may not think your phone gets within bump-range of many devices throughout the day. But you’d be surprised, especially if you find yourself in crowds a lot.

Routinely check your device for malware, especially after you’ve used NFC. It may or may not be possible to fully prevent NFC hacks. But if you catch them before they do much damage, that will be better than not catching them at all. If you find anything suspicious, change your important passwords and security credentials right away.

Be Aware of Security Risks From Using NFC

NFC is a useful technology for certain functions. But it’s not without its security risks. Because it lacks password protection, it’s possible for hackers to access NFC data. They can even do this without you being aware of it.

It might seem like newly adopted technologies like NFC on phones only makes them more vulnerable. However, on balance, phones now are more secure than ever before.

Leave a Reply

Your email address will not be published. Required fields are marked *