A UK team of security researchers used a pair of zero-day vulnerabilities to hack into a Samsung Galaxy S3 handset (running Android 4.0.4). How was it possible? Well, they simply beamed an exploit using NFC (Near Field Communication). The hacking team is composed of Tyrone Erasmus, Jacques Louw, Jon Butler, and Nils. After successfully hacking into the Galaxy S3, the team bagged prize money of $30,000. This was all part of the EUSecWest Mobile Pwn2Own hacker contest.
One of the members, Erasmus, mentioned that the exploit was delivered via NFC. NFC is the short-range wireless technology that allows you to share small payloads of data between an NFC tag and an Android handset. The group targeted the Samsung Galaxy S3’s NFC weakness by delivering a malicious file, which automatically opened the phone’s Android document viewer.
Once the file was opened on the phone, the team exploited a zero-day flaw in the Galaxy S3’s document viewer to launch the code that executes the attack. The team used the same approach to gain full rights on the Galaxy S3. With that access open, the team accessed all of the data on the handset: e-mail, SMS, phonebook, photo gallery, and other third-party app data.
Speaking for the team, Erasmus said: “We can do anything on the phone with our Trojan running in the background.” He added: “The user is oblivious to it because NFC allows us to open the malicious document without any user interaction.” He also said that the same vulnerability could be exploited in drive-by downloads via malicious websites or via rigged e-mail attachments.
Don’t you worry, the team will soon release modules to help researchers and developers find more problems in the Android code.