What happens when you receive a notification on your cellphone? You touch it, right? What if we told you that a notification could install a malware by simply being tapped? Yes, the NFC beaming vulnerability in your Android phone could download a malware in your phone by bypassing some serious security protocols.
What is NFC anyway?
You must have heard of contact-less payment. (They are the rage these days) Those work on the NFC beaming feature! Short for Near Field Communication, it is a feature that uses radio waves to establish communication between nearby devices and exchange data like payments, photos, videos, contacts, pairing keys and other files. Android devices also use the NFC feature with Android Beam that allows your device to connect with a close proximity device and exchange data and even APKs without using WiFi or Bluetooth.
What is the problem?
Well, if you have ever used the beaming service for exchanging apps, you need to recall how you receive a prompt asking whether you want to allow the received APK to be installed or not? It is a basic security mechanism anyway, since any app that is not downloaded from the Google Play Store is considered to be from an unknown source and hence prompts the user with a fair warning before seeking permission.
The problem is that NFC beaming feature has a vulnerability (CVE-2019-2114) that bypasses this security mechanism and does not ask or warn a user about installing an application from an unknown source.
The user is, thus, tricked into directly downloading the malicious application just by clicking on the data transfer notification in the panel.
How is this happening
All Android devices have a setting where they can allow the device to install apps from unknown sources. Earlier, there was a single switch to turn this off or on.
It is clear from the below image that NFC service is by default allowed (since it is a system app) to install unknown apps to your device.
Your safety in your hands
You could stop clicking on any suspicious notifications but that wouldn’t be useful, considering our habitual reflexes. The issue was successfully tested on Android versions 8 or higher. So check right away if you are vulnerable or not.
- All new devices come with this feature in-built and are hence vulnerable if they have NFC and Anrdoid Beam enabled on their phones.
- NFC works if the devices are really close (like 4 cm close). Hence, attacks are limited but not ruled out.
- Although Y. Shafranovich had discovered the bug earlier this year, and Google had released a patch last month (that removed NFC from being white-listed in the trusted source settings), a lot of devices are still found to be susceptible to this threat.
- All affected users are urged to update their Android systems as soon as possible to mark themselves safe from any future malware!
- You could also disable the NFC and Android Beam features in your settings to protect yourself.
To remain safe from cyberattacks and maximise your safety, it is important that you start taking a daily dose of cybersecurity news. After all, you anyway spend a big chunk of your day exposed to the internet. Might as well start spending 5 minuets for self protection. ?
Stay tuned, stay safe.