The malicious app writes predefined data onto the card, raising the user's balance to 10,000 Chilean pesos (approximately 15 US dollars).
Looking at the code of the Android app, we found that if it runs on a device equipped with NFC it can read and write to these cards. These cards are MIFARE-based smartcards MIFARE refers to a family of chips widely used in contactless smart cards and proximity cards. Take for instance the recent Tarjeta bip! card hacking incident in Chile. Security Issues with RFID Cardsīecause it is widely used, it’s no surprise that that RFID cards have become targeted by attacks. Note: The malware samples discussed below were not obtained from the Google Play Store. Banks, merchants or public services issue RFID cards to their customers with prepaid credits. Paying via RFID cards is becoming more popular nowadays as more mobile devices add NFC support.
What is the mechanism behind this, and what is the security risk of RFID payment cards in general? This app, found distributed through forums and blogs, can be used to hack into the user’s RFID bus transit card to recharge the credits. MIFARE® is a registered trademark of NXP Semiconductors.We recently encountered a high-risk Android app detected as ANDROIDOS_STIP.A in Chile. IF YOU ENCOUNTER A PROBLEM PLEASE REPORT IT HERE You can find a list of unsupported devices here: Their hardware (NFC-controller) does not support MIFARE Classic
Sequence to put them into the state where writing to the manufacturer However, some special tags require a special command This App is able to write to such tags and can therefore create fullyĬorrect clones. Support writing to the manufacturer block with a simple write command. But thereĪre special MIFARE Classic tags (aka magic tag gen2) that
(Write the keys you know in a file (dictionary). Key management based on dictionary-attack.(Write dump of a tag to another tag write 'dump-wise') Write to MIFARE Classic tags (block-wise).My dump/key files are gone after updating MCT! If you like MCT please consider to buy the donate version. Please read the whole page and make sure you got everything right before rating. It is designed for users who have at least basic familiarity with the MIFARE Classic technology. This tool provides several features to interact with (and only with) MIFARE Classic RFID-Tags. It provides several features to interact with (and only with) MIFARE® Classic RFID-Tags. It is designed for users who have at least basic familiarity with the MIFARE® Classic technology. This is a low-level tool for reading, writing and analyzing MIFARE® Classic RFID tags.