A security expert has had a computer chip designed for tracking cows implanted into his hand to hack phones from underneath the skin. The hand implant chip allows him to hack Android phones by opening up a malicious link sent via an embedded NFC chip. Once the link is open and the file is installed, the phone connects to a remote computer allowing the hacker to carry out further exploits.
Seth Wahle, a security engineer at APA Wireless, had to get the implant done via an ‘unlicensed amateur’ to get around Florida’s body modification laws. The chip in question is typically used on cattle for agricultural uses, rather than humans, and is manufactured by Chinese company Freevision.
You may ask, as Tech Worm did, “Why would you want to inject yourself when you can pretty much do the same thing by hiding a regular NFC chip in the palm of your hand?” The answer potentially lies in an interview with Forbes, where Wahle explained that the implant has never been picked up by security scanners, even when he was employed by the security conscious navy. “They would have to put me through the X-ray [if they were going to detect the chip]. “
Despite this, such implants are a particularly intrusive way of hacking and, as Forbes puts it, not “for the squeamish” – indeed, the size of the syringe made Wahle want to vomit when he saw it. Additionally, the specific hack demonstrated isn’t perfect either – the malicious file Wahle created loses connection to the phone when it’s locked, or if the handset is rebooted. It also requires some social engineering, given the code has to be manually installed.
Wahle will be showing off the hand implant chip at the Hack Miami conference this May, where he will be detailing the whole process from acquiring the hardware to programming the chip.