These cards are MIFARE-based smartcards MIFARE refers to a family of chips widely used in contactless smart cards and proximity cards.
Take for instance the recent Tarjeta bip! card hacking incident in Chile. Security Issues with RFID Cardsīecause it is widely used, it’s no surprise that that RFID cards have become targeted by attacks. Note: The malware samples discussed below were not obtained from the Google Play Store. Banks, merchants or public services issue RFID cards to their customers with prepaid credits. Paying via RFID cards is becoming more popular nowadays as more mobile devices add NFC support. What is the mechanism behind this, and what is the security risk of RFID payment cards in general? This app, found distributed through forums and blogs, can be used to hack into the user’s RFID bus transit card to recharge the credits.
We recently encountered a high-risk Android app detected as ANDROIDOS_STIP.A in Chile.
