Researchers at the Amsterdam’s Free University created an RFID chip infected with a virus to prove that RFID systems are vulnerable despite the extremely low memory capacity on the cheap chips (see their PDF, Digital vermin causes a real threat to RFID tag.)
An infected RFID tag, which is read wirelessly when it passes through a scanning gate, can upset the database that processes the information on the chip, says the study by Melanie Rieback, Patrick Simpson, Bruno Crispo and Andrew Tanenbaum.
The team found that malicious code could be written to RFID tags. By replacing a tag’s normal identification code with a written message, the researchers found they could exploit bugs in a computer connected to an RFID reader. This made it possible to spread a self-replicating computer worm capable of infecting other compatible, and rewritable, RFID tags.
“This is intended as a wake-up call. We ask the RFID industry to design systems that are secure,” Tanenbaum explained.
Via CNN, New Scientist.
Image is not related to virus at all, it’s an early prototype for the Zapped! Keychain RFID Detector. The Zapped! project, initiated by Preemptive Media, is not encouraging paranoia with Zapped!, but rather participation and preparation!