New Android App Opens Doors—Literally
Researchers have demonstrated an Android application that can digitally "pick" modern RFID/keycard locks on secured gates and doors.
RFID badges are supposed to make authentication and access easier at high security facilities. Individual access can be updated remotely without having to physically replace a key. Now researchers Michael Gough and Ian Robertson have concocted an Android application known as "Caribou" that emulates an RFID badge.
Caribou connects remotely to the server managing the locks. It requires some advance knowledge: you have to input the IP address of the system you're trying to hack. The researchers won't say exactly what vulnerability they exploit, but it appears the app does a port scan and then brute forces the PIN. Doors and gates are then opened for about 30 seconds. According to AOL's Engadget.com, Gough and Robertson are now working with US-CERT to mitigate this issue.
You can see a RFID-badge system hacked here on Vimeo.
"… in the short-term, if you have a system like this and it's sitting out there, IP open to the internet and being caressed by every passing breeze, you might want to think about pulling that in behind your firewall."
There have been other attacks on RFID badges before, however, this is first to leverage the Android's operating system and processing power to actively compromise such a system.