Samsung, Nokia Devices Hacked Through NFC Security Flaw

Samsung and Nokia smartphones were hacked through an NFC vulnerability at the Black Hat security conference. Google is a big backer of NFC, which analysts expect to be behind $180 billion of consumer purchases in 2017.

Just as near-field communication technology is finding its way into the spotlight, a demonstration at the Black Hat USA 2012 security conference threatens to render its celebrity short-lived.

Charlie Miller, a principal research consultant at security firm Accuvant, demonstrated to the Black Hat audience July 25 how it€™s possible to use NFC€”a technology that allows two devices to communicate when touched or in close proximity€”to hack into a smartphone and access user information. Miller demonstrated possible attack scenarios using a Google Nexus S device running the Gingerbread version of Android, a Samsung Galaxy Nexus running Android Ice Cream Sandwich and a Nokia N9 running MeeGo 1.2.

€œIt turns out that through NFC, using technology like Android Beam or NDEF [NFC Data Exchange Format] content sharing, one can make some phones parse images, videos, contacts, office documents, even open up Web pages in the browser, all without user interaction,€ said a description of Miller€™s talk (cutely titled €œDon€™t Stand So Close to Me€) on the Black Hat event site.

A number of mobile payment solutions, including Google Wallet, rely on NFC. While Wallet, for example, can be used at hundreds of thousands of merchants, through a partnership with MasterCard€™s NFC-based PayPass, such solutions have been slow to find adoption, for a number of reasons, with security among them.

Research In Motion, HTC, LG, Huawei, Motorola and ZTE currently also offer NFC-enabled phones, and patents that Apple has filed with the U.S. Patent and Trademark Office suggest that its next iPhone may include the technology. Apple's backing could give a tremendous boost to NFC, which analysts have high hopes for. By 2017, Juniper Research expects one in four mobile phone users in the U.S. and Western Europe to use NFC-enabled phones to make in-store purchases, and for global NFC payments to exceed $180 billion that year.

Samsung, with its Galaxy S III, and Sony, with the Xperia ion smartphone, have worked to extend the use of NFC beyond mobile payments. Each offers inexpensive packs of NFC tags that users can program using a free application. When the phones are tapped to a programmed tag, they can be made to do a variety of things, from lowering the ringer to sending a text message.

Miller demonstrated how a tag could send a phone to a malicious Website that could tunnel into the device and grab user information.

€œIf I walk up to your phone and touch it, or I just get near it, your Web browser, without you doing anything, will open up and go to a page that I tell it to,€ Miller told Ars Technica in an interview before the demonstration.

The AT report added that a concealed NFC tag attached to a payment terminal or other legitimate NFC-enabled device could be used to grab control of the phone. Though phones running MeeGo or Android Ice Cream Sandwich need to be unlocked to be attacked, in those scenarios, they would be. An attacker who knows the person he€™s targeting could also send that person a text message or call them, ensuring the device is unlocked for the necessary few seconds.

The Nokia N9 doesn€™t enable NFC by default, but even if the technology is turned on and configured to notify the user before accepting an NFC request, €œthe phone accepts file transfers initiated by other users without warning,€ wrote AT.

While Miller€™s findings certainly don€™t help the cause, not everyone is convinced they spell the end to the technology.

€œNFC is not doomed,€ Ezra Gottheil, a senior analyst with Technology Business Research, told eWEEK.

€œThere seem to be two problems here, both fixable. There are bugs, which need simply to be fixed, and there is a new feature, Android Beam, that wasn€™t completely thought out. It€™s only software,€ Gottheil explained.

Android Beam arrived with Ice Cream Sandwich, and Google explained to developers that NFC is an easier way to send data than wireless technologies like Bluetooth, since with NFC, pairing or device discovery aren€™t necessary, €œthe connection is automatically started when two devices come within range.€

€œThe hackers tend to overdramatize the consequences of the flaws they discover. That€™s just marketing,€ said Gottheil. €œThey are aiming to show that companies like Google, Nokia, and Samsung [and Apple] should hire them so that these flaws are discovered and removed before the product is rolled out.€

Cycles of hacking and repairing, Gottheil added, are the €œinevitable consequence of deploying new technology.€

Nokia released a statement saying it is aware of Miller€™s work and is investigating the claims concerning the Nokia N9.

€œAlthough it is unlikely that such attacks would occur on a broad scale, given the unique circumstances,€ the statement continued, €œNokia is currently investigating the claims using our normal processes and comprehensive testing.€

Follow Michelle Maisto on Twitter.