NFC (Near Field Communication) beaming can be used to transfer malware onto Android devices running Android 8.0 (Oreo) or above. This is done by taking advantage of the flaw tracked as CVE-2019-2114. NFC is possible through the Android OS service, Android Beam, and allows for the transfer of data between two devices. Hackers could instead plant malware on devices with this feature. Researcher Y. Shafranovich discovered APK files that were transferred through NFC beaming did not prompt a security notification as they typically do but instead would allow the receiver to download an app from an unknown source with one click. It was found that Google had whitelisted the NFC feature, but they did not mean to. Google addressed the issue in their October Android patches, but many users who have the NFC and Android Beam services enabled are still at risk.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security