Phishing Attack Takes on NFC

Monday, March 5, 2012 @ 03:03 PM gHale


As mentioned quite a few times in the past, mobile devices are becoming more fashionable in the manufacturing automation space, and with that newfound popularity come new and different attack vectors.

One new and different approach is an attack on an NFC (Near Field Communication)-enabled smartphone: the attacker simply attaches a modified NFC tag to a legitimate surface such as an advertising poster, said McAfee’s Chief Technology Officer, Stuart McClure, at the RSA Conference in San Francisco. For their demo, the researchers used a Red Cross donations appeal such as those seen at bus stops in various cities across Europe.

The poster’s regular NFC tag took the browser to the Red Cross donations web site, where it could record the donor’s details. However, the modified secondary tag diverted the smartphone browser to a phishing site that pretended to be part of the Red Cross. McClure said such attacks are already out there.
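
A tag-reading app can decode the tag's URI record and compare its host against an allowlist before handing the link to the browser. The sketch below is an added example, not code from the article or the McAfee demo; the allowlisted host, the sample tags and the function names are assumptions, and it handles only short single-record NDEF URI messages.

```python
from urllib.parse import urlsplit

# URI identifier codes (subset) from the NFC Forum URI record definition.
URI_PREFIXES = {0x00: "", 0x01: "http://www.", 0x02: "https://www.",
                0x03: "http://", 0x04: "https://"}
ALLOWED_HOSTS = {"donate.example.org"}  # assumption: the charity's real host


def make_uri_record(prefix_code: int, rest: str) -> bytes:
    """Build a constructed single short NDEF URI record for the demo."""
    payload = bytes([prefix_code]) + rest.encode("utf-8")
    return bytes([0xD1, 0x01, len(payload)]) + b"U" + payload  # MB|ME|SR, TNF=1


def parse_ndef_uri(record: bytes) -> str:
    """Decode one short NDEF record; ValueError unless it is a 'U' record."""
    if len(record) < 4:
        raise ValueError("record too short")
    flags, type_len, payload_len = record[0], record[1], record[2]
    if not flags & 0x10:  # SR bit clear: 4-byte payload length, not handled
        raise ValueError("only short records handled")
    offset, id_len = 3, 0
    if flags & 0x08:  # IL bit: an ID length byte follows
        id_len, offset = record[offset], offset + 1
    rtype = record[offset:offset + type_len]
    offset += type_len + id_len
    payload = record[offset:offset + payload_len]
    if (flags & 0x07) != 0x01 or rtype != b"U":  # TNF 1 = well-known type
        raise ValueError("not a URI record")
    if not payload or len(payload) != payload_len or payload[0] not in URI_PREFIXES:
        raise ValueError("truncated payload or unhandled prefix code")
    return URI_PREFIXES[payload[0]] + payload[1:].decode("utf-8")


def is_trusted(uri: str) -> bool:
    """Accept only HTTPS URLs whose exact host is on the allowlist."""
    parts = urlsplit(uri)
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS


# Constructed sample tags: the original one and a swapped look-alike.
GOOD_TAG = make_uri_record(0x04, "donate.example.org/")
SWAPPED_TAG = make_uri_record(0x04, "donate.example.org.login.example/give")

if __name__ == "__main__":
    for tag in (GOOD_TAG, SWAPPED_TAG):
        uri = parse_ndef_uri(tag)
        print(uri, "->", "open" if is_trusted(uri) else "block")
```

The exact-host comparison is what rejects the second tag: its URL begins with the trusted name, but the registered domain is a different one.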

The researcher also demonstrated how to take control of an iPad. When a victim clicks on a link in an email, a PDF file downloads, and malware installs without the user’s knowledge via a vulnerability in the iOS code for processing PDFs. Although the attack exploits a vulnerability that Apple closed long ago, the expert said he assumes newer iOS versions will continue to be vulnerable via jailbreaks.

Once a device suffers an infection, it establishes a connection to the command & control server and transfers, for example, its location. One click on the symbol displayed in Google Maps on the attacker’s system gives access to several options: to retrieve the SMS database, record the device’s surroundings using the microphone, or access the keychain. The keychain contains any passwords for applications and online services stored on the device.


