Black Hat: NFC exploit could overtake mobile device through a simple graze

Share this article:

A vulnerability discovered in near field communication (NFC) could have end-users' smartphones compromised by attackers who simply bump into them, said a security expert at this year's Black Hat conference in Las Vegas.

NFC, a wireless technology that establishes communication between phones through physical contact, is mostly used in smartphones on the Android platform, but is expected to be found on a majority of the upcoming mobile devices released.

Well-known Apple hacker and Accuvant researcher Charlie Miller wowed the crowed at Caesar's Palace through a demo that involved infiltrating an Android phone by simply grazing it with a tag embedded with an NFC chip.

Once the phone was tagged, the browser opened to a phony web page that gave Miller full access to the data on the device.

Outside of the Android vulnerability he used to conduct the exploit, which has already been patched by Google, Miller discovered a similar bug in another device tested, a Nokia N9 which runs on the MeeGo platform.

Miller told SCMagazine.com on Thursday that he decided to focus his latest research on NFC because it's a new technology, exploiting it does not require user interaction, and there has been little analysis done on it.

"I'm always looking for something to pick on," he said.

Although there have been no in-the-wild cases of malicious NFC activity, Miller believes it may be because the technology still isn't prevalent.

"If you imagine a time when you're always paying with your phon, these [attacks] would be everywhere," he said. "Replacing NFC tags with malicious ones are totally realistic. It's the equivalent of ATM skimming."

There is a way to make the technology more secure, such as prompting a user to opt in to each exchange they make, but the solution would affect the convenience of NFC, Miller said.

"You would have to give up some of that convenience to make it more secure," he said.

Share this article:

Sign up to our newsletters

More in News

Errors in ZeroLocker means paying ransom may not decrypt files

A piece of ransomware known as ZeroLocker contains various errors that may prevent files from being decrypted even if the ransom is paid.

Rogue AV scammers find success with new tatics

Although the number of rogue anti-virus malware campaigns have decreased overall, the threat isn't totally gone, according to researchers at Microsoft.

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.