Zero-Day Exploit Found on Samsung Galaxy S3

[Viktor 669]

A team of Android security experts successfully hacked a Samsung Galaxy S3 by revealing two Android exploits at the Mobile Pwn2Own competition at EUSecWest in Amsterdam. A memory corruption exploit was triggered via Near Field Communication, enabling researchers to upload malicious code and access secure data

The second exploit found involved privilege escalation by enabling an app to execute malicious code outside its sandboxed system. By combining the two breaches the team gained full control over the Samsung Galaxy S3 smartphone and retrieved all data.

Although the exploit is not NFC related, Android OS was found vulnerable by using the NFC technology. Raising serious issues over how securely NFC and Android handle intents and permissions, MWR Labs explained that details of the exploits will be revealed once they’re patched.

“Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability for privilege escalation,” said the team. “The same vulnerability could also be exploited through other attack vectors, such as malicious websites or e-mail attachments.”

By using their custom framework and the previously mentioned exploits, MWR Labs was also able to initiate calls to premium rated numbers. Emphasizing that Android 4.0.4 features many of the exploit problems encountered on desktop Linux distributions, the team says other protection methods are missing from the Android build

Источник

[AdamGray 0]

Wow, maybe this is why iPhone 5 does not contain NFC? Too suspect to being hacked.

A friend from work downloaded a N64 emulator from the Google Play store, and the app activates the zero-day exploit on her new samsung galaxy s3. This is a serious breach!

[Viktor 669]

A friend from work downloaded a N64 emulator from the Google Play store, and the app activates the zero-day exploit on her new samsung galaxy s3. This is a serious breach!

Could you give us a link to this app?