English

Trojan of Things: Embedding Malicious NFC Tags into Common Objects

Cryptography and Security 2017-02-24 v1

Abstract

We present a novel proof-of-concept attack named Trojan of Things (ToT), which aims to attack NFC- enabled mobile devices such as smartphones. The key idea of ToT attacks is to covertly embed maliciously programmed NFC tags into common objects routinely encountered in daily life such as banknotes, clothing, or furniture, which are not considered as NFC touchpoints. To fully explore the threat of ToT, we develop two striking techniques named ToT device and Phantom touch generator. These techniques enable an attacker to carry out various severe and sophisticated attacks unbeknownst to the device owner who unintentionally puts the device close to a ToT. We discuss the feasibility of the attack as well as the possible countermeasures against the threats of ToT attacks.

Cite

@article{arxiv.1702.07124,
  title  = {Trojan of Things: Embedding Malicious NFC Tags into Common Objects},
  author = {Seita Maruyama and Satohiro Wakabayashi and Tatsuya Mori},
  journal= {arXiv preprint arXiv:1702.07124},
  year   = {2017}
}

Comments

21 pages, 19 figures

R2 v1 2026-06-22T18:26:11.730Z