New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Tap and Ghost Attack

A new Proof of Concept (POC), published by researchers at Waseda University, uncovered a creative attack that is being targeted at Android devices. This interesting approach used Near Field Communication (NFC), an example of NFC is using Android or Apple pay via a user’s phone. A malicious NFC chip is embedded into a specially crafted surface, such as a table in a public space, that connects to the victim’s Android device when placed on the table. Once a device connects to the malicious NFC, it forces the phone to display a connect to the network dialogue box. Even if the user presses the “Cancel” key, the malicious device forces the connection to be accepted. Once connected to the attacker’s Wi-Fi access point or to a rogue Bluetooth session, a Ghost Touch Generator mixes the keys on the victim’s device so that when the user presses cancel, it is granting the attacker access to the entire device. Once this is completed, the attacker has full control of the victim’s device and can steal any information stored on it.

Analyst Notes

The individual user can mitigate this by simply holding their device in their hand or place it somewhere other than a table while in public places. Google should add provisions in the way NFC works by requiring user permissions prior to performing any actions.