Esteemed hacker Charlie Miller, who made a name for himself embarrassing Apple engineers with his iOS hacks, has returned with a big, juicy target in his sights: the Near Field Communication (NFC) technology used to make mobile payments with smartphones. Ars Technica reports that at Black Hat USA on Wednesday, Miller showed off his latest smartphone hack, which uses NFC to force someone’s Android smartphone to go to a malicious website and download malware. And the scariest part is that all hackers have to do to compromise users’ phones is walk right by them.
“What that means is with an NFC tag, if I walk up to your phone and touch it, or I just get near it, your Web browser, without you doing anything, will open up and go to a page that I tell it to,” Miller said during his Black Hat presentation. “So instead of the attack surface being the NFC stack, the attack surface really is the whole Web browser and everything a Web browser can do. I can reach that through NFC.”
Miller also found that the NFC-based Android Beam data-sharing application was designed to passively accept website links or download files without users’ consent, meaning hackers only have to touch their phones to users’ devices to send them to malicious websites.
“The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal,” Miller said.
Miller also noted that Android Beam and NFC are turned on by default on Android devices, so many users may be walking around without knowing that their phones are extremely vulnerable to breaches.