New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


NFC can be Used to Plant Malware on Android Devices

NFC (Near Field Communication) beaming can be used to transfer malware onto Android devices running Android 8.0 (Oreo) or above. This is done by taking advantage of the flaw tracked as CVE-2019-2114. NFC is possible through the Android OS service, Android Beam, and allows for the transfer of data between two devices. Hackers could instead plant malware on devices with this feature. Researcher Y. Shafranovich discovered APK files that were transferred through NFC beaming did not prompt a security notification as they typically do but instead would allow the receiver to download an app from an unknown source with one click. It was found that Google had whitelisted the NFC feature, but they did not mean to. Google addressed the issue in their October Android patches, but many users who have the NFC and Android Beam services enabled are still at risk.

Analyst Notes

It is suggested that the NFC and Android Beam features are disabled unless they are being used with trusted sources. All Android users are advised to update their devices to make sure they have received the patches that came out in the October update. Android devices from Google, including the Pixel line of phones, will be the first to receive patches. Devices from other manufacturers may be patched at a later time after the updates from Google are integrated into patches for those devices.