Trojan of Things: Embedding Malicious NFC Tags into Common Objects
Seita Maruyama, Satohiro Wakabayashi, Tatsuya Mori
TL;DR
This paper introduces Trojan of Things, a novel attack embedding malicious NFC tags into everyday objects to covertly compromise NFC-enabled mobile devices, demonstrating significant security risks and potential countermeasures.
Contribution
The paper presents a new attack method embedding malicious NFC tags into common objects and develops techniques to execute sophisticated attacks without user awareness.
Findings
Feasibility of embedding malicious NFC tags into everyday objects.
Development of ToT device and Phantom touch generator techniques.
Discussion of countermeasures against ToT attacks.
Abstract
We present a novel proof-of-concept attack named Trojan of Things (ToT), which aims to attack NFC- enabled mobile devices such as smartphones. The key idea of ToT attacks is to covertly embed maliciously programmed NFC tags into common objects routinely encountered in daily life such as banknotes, clothing, or furniture, which are not considered as NFC touchpoints. To fully explore the threat of ToT, we develop two striking techniques named ToT device and Phantom touch generator. These techniques enable an attacker to carry out various severe and sophisticated attacks unbeknownst to the device owner who unintentionally puts the device close to a ToT. We discuss the feasibility of the attack as well as the possible countermeasures against the threats of ToT attacks.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsUser Authentication and Security Systems · RFID technology advancements · Digital and Cyber Forensics