A skilled hacker has shown how to hijack a smartphone via a short-range radio technology known as Near Field Communication (NFC).
Charlie Miller created tools that forced phones to visit websites seeded with attack software.
The software on the booby-trapped websites helped Mr Miller look at and steal data held on a handset.
NFC is becoming increasingly common in smartphones as the gadgets are used as electronic tickets and digital wallets.
Beam guide
Mr Miller, a research consultant at security firm Accuvant, demonstrated the work at the Black Hat hacker conference in Las Vegas.
During his presentation, Mr Miller showed how to attack three separate phones: the Samsung Nexus S, the Google Galaxy Nexus – which both run Android – and the Nokia N9, which runs on the MeeGo system.
To attack the phones Mr Miller wrote software to control a reader tag that works in conjunction with NFC. As its name implies, NFC works when devices are brought close together or are placed near a reader chip.
In one demo Mr Miller piped commands through his custom-built chip that abused a feature of the smartphones known as Android beam. This allows phone owners to send links and information over short distances to other handsets.
He discovered that the default setting in Android Beam forces a handset to visit any weblink or open any file sent to it. Via this route he forced handsets to visit websites that ran code written to exploit known vulnerabilities in Android.
“The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal,” Mr Miller told tech news website Ars Technica.
via BBC