CyberNews Briefs

Android bug lets hackers plant malware via NFC beaming

A serious flaw in the Android operating system could have allowed threat actors to distribute malware via NFC beaming, an Android service that uses NFC (Near-Field Communication) radio waves in order to transfer data and software to other nearby devices that have NFC enabled.

Last month, Google issued a patch for the vulnerability, tracked as CVE-2019-2114, that affects Android 8 and later versions. The issue made it possible for cybercriminals to push malicious applications to nearby devices that had NFC enabled – the default setting on most Android devices – because the bug prevented the NFC service on receiving devices from displaying a warning that NFC was asking permission to install an app from an unknown source. Instead, the user would receive a seemingly benign notification that they could mistake for a Google Play Store request to update an app. If the user clicked on the notification, the malicious app would begin installing right away.

Read more: Android bug lets hackers plant malware via NFC beaming

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.