Thursday, October 27, 2016

NFC – Friend or Foe

Wapack Labs has previously exposed the hazards of using near-field communication (NFC) devices in our support during the 2016 Summer Olympics in Rio De Janeiro and other collection and research projects.  NFCs are now being supplied in the United Kingdom (UK) to rapidly order pizzas through a swipe of a smart phone.  The “tattoos,” as they are being marketed, are being affixed to objects which enable smart phone users to quickly order pizzas and other food products. If corrupted, as with past USB jump drive compromises, an NFC device could run in the background of a cell phone and secretly forward personal identifying and financial information during a food order.  This information is being supplied for your situational awareness.

  • Near-field communication devices have been used for the past several years with low security parameters and are currently marketed for ease and convenience of e-transactions. 
  • NFC’s can be corrupted at the production level, similar to the past jump drive virus launches.
  • Heightened NFC cyber security awareness, education and training is desired for future use.

Publication date:                           25 October 2016
Handling requirements:               Traffic light protocol (TLP) GREEN
Attribution/Threat Actors:           Unknown hackers

Actor Type:                                     Adversary capabilities have been assessed as Tier II*

Potential Targets:                           Smart Phone users using NFC devices

Past Reporting:                               Red Sky Alliance: DOC-4113, DOC-3718, msg/3507 and blog/2016/09/30/nato-and-europol-cyber-reports-of-interest

*Practitioners with a greater depth of experience, with the ability to develop their own tools from publicly known vulnerabilities.

The full attribution report has been published in its entirety in the Red Sky Alliance portal.  For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or

About Wapack Labs

Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber.  Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information.  The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.