NFC Beaming vulnerability can install malware in Android phones
NFC Beaming vulnerability malware
NFC Beaming vulnerability malware

What happens when you receive a notification on your cellphone? You touch it, right? What if we told you that a notification could install a malware by simply being tapped? Yes, the NFC beaming vulnerability in your Android phone could download a malware in your phone by bypassing some serious security protocols.

What is NFC anyway?

You must have heard of contact-less payment. (They are the rage these days) Those work on the NFC beaming feature! Short for Near Field Communication, it is a feature that uses radio waves to establish communication between nearby devices and exchange data like payments, photos, videos, contacts, pairing keys and other files. Android devices also use the NFC feature with Android Beam that allows your device to connect with a close proximity device and exchange data and even APKs without using WiFi or Bluetooth.

Contactless NFC

What is the problem?

Well, if you have ever used the beaming service for exchanging apps, you need to recall how you receive a prompt asking whether you want to allow the received APK to be installed or not? It is a basic security mechanism anyway, since any app that is not downloaded from the Google Play Store is considered to be from an unknown source and hence prompts the user with a fair warning before seeking permission.

unknown sources

The problem is that NFC beaming feature has a vulnerability (CVE-2019-2114) that bypasses this security mechanism and does not ask or warn a user about installing an application from an unknown source.

The user is, thus, tricked into directly downloading the malicious application just by clicking on the data transfer notification in the panel.

How is this happening

All Android devices have a setting where they can allow the device to install apps from unknown sources. Earlier, there was a single switch to turn this off or on.

NFC Beaming vulnerability can install malware in Android phones

However, with Android Oreo (8), users were provided with an option to manually choose which sources they trusted enough to allow application installs from them.

android oreo

It is clear from the below image that NFC service is by default allowed (since it is a system app) to install unknown apps to your device.

android phone installer

Your safety in your hands

You could stop clicking on any suspicious notifications but that wouldn’t be useful, considering our habitual reflexes. The issue was successfully tested on Android versions 8 or higher. So check right away if you are vulnerable or not.

  • All new devices come with this feature in-built and are hence vulnerable if they have NFC and Anrdoid Beam enabled on their phones.
  • NFC works if the devices are really close (like 4 cm close). Hence, attacks are limited but not ruled out.
  • Although Y. Shafranovich had discovered the bug earlier this year, and Google had released a patch last month (that removed NFC from being white-listed in the trusted source settings), a lot of devices are still found to be susceptible to this threat.
  • All affected users are urged to update their Android systems as soon as possible to mark themselves safe from any future malware!
  • You could also disable the NFC and Android Beam features in your settings to protect yourself.

To remain safe from cyberattacks and maximise your safety, it is important that you start taking a daily dose of cybersecurity news. After all, you anyway spend a big chunk of your day exposed to the internet. Might as well start spending 5 minuets for self protection. ?

Stay tuned, stay safe.


Leave a reply

Your email address will not be published. Required fields are marked *


©2020 Tech Brewery. All Rights Reserved. Website By Amagraphs.

Log in with your credentials


Forgot your details?

Create Account