For many of us, our smartphones are an integral part of our being, containing not just everything we need to communicate but depths of personal information, from our daily schedules to our finances. While last summer the Supreme Court ruled cell phone information is private and therefore protected, that’s irrelevant to anyone trying to steal the sensitive bits stored on one. As Rose Eveleth reports for BBC Future, Seth Wahle, an engineer and biohacker, demonstrated that it’s possible to steal information off of a phone with a microchip embedded in his hand.
Wahle’s chip is an RFID, or radio frequency identification chip. It contains an antenna that can communicate with nearby phones. To get the smartphone’s information, Wahle’s chip sends the phone a link, and if the phone user clicks it, their phone downloads a harmful file that links the phone to a server elsewhere and means that hacker can steal the phone’s secrets.
Weird prompts to open links are inherently sketchy, but if Wahle already has the phone in hand he can click the prompt himself, turning a quick “can I borrow your phone” into a malicious attack. Like most novel attacks, this one is in the realm of “technically possible, but more the stuff of film than petty crime.”
Still, it’s probably wise to double-check before handing a phone to a cyborg.