Click to Skip Ad
Closing in...
  1. Amazon Home Upgrades
    08:06 Deals

    5 home upgrades under $25 that Amazon shoppers are totally obsessed with

  2. Best Electric Lawn Mower 2021
    12:58 Deals

    The best Greenworks electric lawn mower is down to an all-time low price at Amazon

  3. Best Windows 10 Laptop Deals
    10:32 Deals

    Amazon’s best Windows 10 laptop deals in August start at just $199

  4. Instant Pot Pro Price
    11:44 Deals

    Instant Pot Pro in the sleek black color just got a huge discount at Amazon

  5. Wireless CarPlay Adapter
    08:41 Deals

    Finally! CarlinKit 2.0 on Amazon converts your car’s regular CarPlay to wireless Car…

Hacker uses NFC to pwn Android phones

July 26th, 2012 at 9:00 PM

Esteemed hacker Charlie Miller, who made a name for himself embarrassing Apple engineers with his iOS hacks, has returned with a big, juicy target in his sites: the Near Field Communications technology used to send mobile payments over smartphones. Ars Technica reports that Miller showed off his latest smartphone hack at Black Hat USA on Wednesday that involved using NFC to force someone’s Android smartphone to go to a malicious website and download malware. And the scariest part about this is that all hackers have to do to compromise users’ phones is to walk right by them.

“What that means is with an NFC tag, if I walk up to your phone and touch it, or I just get near it, your Web browser, without you doing anything, will open up and go to a page that I tell it to,” Miller said during his Black Hat presentation. “So instead of the attack surface being the NFC stack, the attack surface really is the whole Web browser and everything a Web browser can do. I can reach that through NFC.”

Miller also found that the NFC-based Android Beam data-sharing application was designed to passively accept website links or download files without users’ consent, meaning hackers only have to touch their phones to users’ devices to send them to malicious websites.

“The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal,” Miller said.

Miller also noted that Android Beam and NFC are turned on by default on Android devices, so many users may be walking around without knowing that their phones are extremely vulnerable to breaches.


Popular News