RSS

Search Engine

Friday, July 27, 2012

Android phones hijacked via wallet tech

harlie Miller created tools that forced phones to visit websites seeded with attack software.
The software on the booby-trapped websites helped Mr Miller look at and steal data held on a handset.
NFC is becoming increasingly common in smartphones as the gadgets are used as electronic tickets and digital wallets.
Beam guide Mr Miller, a research consultant at security firm Accuvant, demonstrated the work at the Black Hat hacker conference in Las Vegas.
During his presentation, Mr Miller showed how to attack three separate phones - the Samsung Nexus S, the Google Galaxy Nexus and the Nokia N9.
To attack the phones Mr Miller wrote software to control a reader tag that works in conjunction with NFC. As its name implies, NFC works when devices are brought close together or are placed near a reader chip.
In one demo Mr Miller piped commands through his custom-built chip that abused a feature of the smartphones known as Android beam. This allows phone owners to send links and information over short distances to other handsets.
He discovered that the default setting in Android Beam forces a handset to visit any weblink or open any file sent to it. Via this route he forced handsets to visit websites that ran code written to exploit known vulnerabilities in Android.
"The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal," Mr Miller told tech news website Ars Technica.
In one demonstration using this attack Mr Miller was able to view files on a target handset.
On the Nokia phone, Mr Miller demonstrated how to abuse NFC and take complete control of a target handset, making it send texts or make calls, via the weaknesses exploited by his customised radio tag.
Mr Miller said that to successfully attack phones they must be running a particular version of the Android operating system, be unlocked and have their screen active.
Nokia said it was aware of Mr Miller's research and said it was "actively investigating" his claims of success against its N9 phone. It said it was not aware of anyone else abusing loopholes in Android via NFC.

3 comments:

Sameer ahmad said...

You write very well..But your blog font are hard to read with black background. Please some thing with it..Else you will start loosing your visiter

Power of love said...

Let`s write that letter we thought of writing "one of these days Tibia Gold, just because someone doesn't love you the way you want them to, doesn't mean they don't love you with all they have Tibia coins, don't waste your time on a man/woman, who isn't willing to waste their time on you sro gold.

Henceforth will I recognize that each day I am tested by life Sell RS Gold in like manner. If I persist, if I continue to try, if I continue to charge forward, I will succeed Sell RS Gold, Your future depends on your dreams. So go to sleep.Do not keep anything for a special occasion, because every day that you live is a SPECIAL OCCASION Sell Runescape Gold, he time of life is short ; to spend that shortness basely, it would be too long.

Gopi Kishan said...

Nice blog!!!!!!!
It describes the android development and its application.The interested candidate can join this blog..
Online Android Tutorial

Post a Comment