Man implants NFC chip in his hand to hack Android phones: The risks and benefits of DIY cyborgs

A good portion of modern cybernetics consists of microchips which can be easily placed into the body to collect data and perform simple functions. Scientists, researchers, and doctors around the world have been experimenting with implanted microchips to help people with disabilities. On the other hand, do-it-yourself cyborgs, often called biohackers or grinders, use their own bodies as laboratories to test the ways that they can enhance and advance the human body.

But my larger concern is the potential misuse of embedded microchips pitched as a convenience for identity verification. Take the example of Wisconsin-based Three Square Market (32M) who recently announced plans to offer voluntary microchip implants for its employees, enabling them to open doors, log onto their computers, and purchase break room snacks with a simple swipe of the hand.

Man implants NFC chip in his hand to hack Android phones – Geek

The security industry focus on state-sponsored espionage is a relatively recent phenomenon. Since the Aurora Incident brought nation-state hacking into the spotlight, there's been high profile reports on targeted hacking by China, Russia, U.S.A, Israel, to name a few. This has lead to the rise of a lucrative Threat intelligence business, propelling marketing and media campaigns and fueling political debate.This talk will cover the idiosyncrasies of nation-state malware research using the experiences of presenters in the 'Threat Analyst Sweatshop.' Regin (aka WARRIORPRIDE, allegedly written by the Five Eyes) and Babar (aka SNOWGLOBE, allegedly written by France) will be used as case studies in examining attribution difficulties. Additionally, we'll examine attributing commercially written offensive software (implants and exploits) and the (mostly negative) vendor responses. We'll cover what happens when you find other players on the hunt, and address the public misconception that attribution is frequently done using open source information.We will focus on the attribution problem and present a novel approach on creating credible links between binaries originating from the same group of authors. Our goal is to add to transparency in attribution and supply analysts with a tool to emphasize or deny vendor statements. The technique is based on features derived from different domains, such as implementation details, applied evasion techniques, classical malware traits or infrastructure attributes; which are then leveraged to compare the handwriting among binaries. 2ff7e9595c