Charlie Miller finds NFC flaws in Android and Nokia devices
Notable security researcher Charlie Miller has found flaws in Near Field Communication (NFC) security that could allow hackers to beam code over to Android and Nokia devices to carry out attacks.
NFC can be used for various processes, including contactless payments and wirelessly interacting with other nearby devices. Showing off his skills at the Black Hat security conference in Las Vegas, Miller, principal research consultant at security firm Accuvant, showed how his attack method could be used against NFC deployments in the Samsung Galaxy Nexus S, the Galaxy Nexus and the Nokia N9.
Miller created a tag that would help him take over the application “daemon” that controls NFC on a Nexus S running Gingerbread, or Android 2.3. From there, he said he could upload malicious code to the device.
Using the Android “Beam” feature that Google added to Ice Cream Sandwich, Miller could also make a handset browser visit any website he wanted. That could be a site that uploads malware to a user’s device.
Miller also found NFC security is weak on Nokia’s N9 device which, when NFC is switched on, automatically accepts all connection requests without telling the user. He showed how, just by using a MacBook and connecting it to an N9, he could force it to make calls, send texts or even steal contacts.
Users can change their N9 phones to make sure they are notified of NFC requests, but the phones still accept file transfers without notification. According to Ars Technica, Miller found a vulnerability in a Microsoft Word-compatible reader that could be used to launch an attack by sending over a malicious file.
In most of the NFC security scenarios showcased by Miller, the victim’s phone has to have its screen active and be unlocked. In all of them, the attacker has to get close to their target.
Nokia said it was aware of Miller’s research and was investigating the claims over the N9, which uses the MeeGo OS.
At the time of publication, neither Google nor Samsung had responded to a request for comment on Miller’s findings.
Meanwhile, security companies are rushing to protect Android-based devices. Yesterday saw the launch of the Android Security Evaluation Framework from Qualys, which takes users’ applications and migrates them to a test suite, where they are checked inside a pre-configured Android Virtual Device (AVD) to see if they are doing anything malicious.
It is similar to BitDefender’s Clueful application for iOS, which was thrown out of the App Store last month, it emerged last week.