Galaxy S III hacked using NFC at Mobile Pwn2Own hacking contest

Posted Sep 19, 2012 at 12:39 pm in Threads > Smartphones & Tablets

http://www.computerworlduk.com/news/security/3382231/galaxy-s-iii-hacked-using-nfc-at-mobile-pwn2own-hacking-contest/

“Attackers can take full control of a Samsung Galaxy S III smartphone just by holding devices close together, researchers demonstrated”

15 Comments Join the discussion!

82 Mix 09/19/12 1:37 PM

Thumb up Thumb down 0
As long as you don’t accept hugs or inappropriate butt to butt touching from random strangers or download fishy files you should be fine…lol

Still that is kind of crazy that they can pretty much take over your phone through NFC and they said that the phone need only touch for a brief second, still, wouldn’t one need to accept the transfer before accepting the file?

I have never used NFC.

Reply
- 100 Taylor Wimberly 09/19/12 3:02 PM
  
  Thumb up Thumb down +2
  NFC actually works without touching devices. I have tested this with the two Galaxy S IIIs and you can make a connection with the devices about an inch apart.
  
  Reply
  - 19 4n1m4l 09/20/12 11:35 PM
    
    Thumb up Thumb down 0
    And the screen has to be on, which most aren’t when in pocket.
    
    Reply
- 99 BetterWithRoot 09/19/12 3:02 PM
  
  Thumb up Thumb down +1
  I imagine this to be done by placing the phone in your pocket and going into a crowded area. If you bump into someone you got their data. craziness. No one is going to notice a little brush of bodies when so tightly packed. A concert would be a good place to exploit this attack. You know who has a phone and what kind from the pictures and video they take of the venue. They slide their GS3/2 back into their pocket and voila, bump and go. Just like a wallet swipe. Hell you could even say something like, “Is that a GS3? I love mine. Phone high-five” *phones touch;data captured*
  
  Awesome link by the way Taylor! I love reading about securities.
  
  Reply
  - 82 Mix 09/19/12 4:12 PM
    
    Thumb up Thumb down 0
    So you don’t need to accept something or allow for data to be transferred between phones? They just have to be close to each other with one person initiating the file transfer?
    
    That is kind of sketchy.
    
    Reply
    - 99 BetterWithRoot 09/19/12 4:16 PM
      
      Thumb up Thumb down 0
      My guess is that it’s because NFC is turned on by default or something along those lines. I am not sure how this trickery works exactly.
      
      Reply
      - 93 Alexander drzfr3shboialex 09/20/12 10:52 PM
        
        Thumb up Thumb down 0
        You need to send on the current phone and accept in the other, its not as insecure as you think :)
      - 66 Teebor 02/21/13 5:35 AM
        
        Thumb up Thumb down 0
        NFC is off by default as I have never interacted with any NFC options on my S3 until yesterday and I found that I both had to turn on NFC AND download an app to make it work.. Also I had to enable S Beam seperately
    - 72 herbivore83 09/19/12 6:55 PM
      
      Thumb up Thumb down 0
      You can enable/disable NFC, so if you leave it on you are vulnerable to attack!
      
      Reply
jimGuest 09/20/12 11:49 PM

Thumb up Thumb down -1
Well.looking at the mwr site they used nfc to drop a malicious file. So it could be Emailed also…cant it??

Reply
- 47 koorsr 09/21/12 8:49 AM
  
  Thumb up Thumb down -1
  In one of the links I remember reading that they choose NFC for showmanship. It could happen through email or be downloaded through the Internet.
  
  Reply
iPhone GuyGuest 09/20/12 11:57 PM

Thumb up Thumb down -8
SucK it u moron fandroids i hope viruses kill all ur phones

Reply
- NexusUserGuest 02/20/13 3:50 PM
  
  Thumb up Thumb down +1
  Oh iPhone Guy :D Are you jealous oft NFC? :P
  
  Reply
83 txbluesman 09/21/12 8:32 AM

Thumb up Thumb down +3
IPhone guy, how did you get to this site, Apple Maps?

Reply
99 jaxidian 09/21/12 10:14 AM

Thumb up Thumb down 0
My understanding is that this attack has absolutely nothing to do with NFC itself. I think this attack vector requires you to purposefully accept an NFC file transfer and then run that file (an apk?) before you can be infected. Much like you would have to download an apk then run it or be emailed an apk then run it. There isn’t necessarily an NFC vulnerability here. They’re just saying you can download an infected file via NFC. Perhaps the other person’s system could already be infected and they think they’re sending you CoolWallpapers.apk (or HotChick.jpg) when in fact they really send you DirtyLittleVirus.apk. Once you run DirtyLittleVirus.apk, it uses OTHER vulnerabilities to essentially gain Root access and do big bad nasty things.

Long story short, I think “NFC” was just thrown into this story for no reason other than to get more media attention as “The First NFC Infection” or whatever.

Reply

Android and Me

Google reveals Samsung Galaxy S 4 Nexus Edition

Android passes 900 million devices activated

Best no-contract plans for unlocked Android devices

Best unlocked Android phone for any budget

Galaxy S III hacked using NFC at Mobile Pwn2Own hacking contest