RFID Malware: Truth vs. Myth

M.R. Rieback, B. Crispo, A.S. Tanenbaum

Research output: Contribution to JournalArticleAcademicpeer-review


The issues related to RFID malware along with proof-of-concept RFID virus are discussed. RFID exploits are traditionally hacking attacks that are identical to those found on Internet, such as buffer overflow, code insertion, and SQL injection attack. RFID warms copy the original exploit code to newly appearing RFID tags. An RFID virus can self replicate without an Internet connection by copying itself into back-end database. The tags are simply data carriers, just like floppy disks and USB sticks, which are prone to attacks by various hackers. It is recommended that RFID middleware vendors must have independent experts audit their code for vulnerabilities and practice safe programming practices. RFID equipment manufacturers must invest more energy in prototyping improved cryptography on low-cost RFID tags. Lawmakers and the average person should demand security and privacy measures in the RFID technology.
Original languageEnglish
Article number1668007
Pages (from-to)70-72
Number of pages3
JournalIEEE Security & Privacy
Issue number4
Publication statusPublished - Jul 2006


Dive into the research topics of 'RFID Malware: Truth vs. Myth'. Together they form a unique fingerprint.

Cite this