Hackers Pwn2Own use NFC to crack smartphone security
Several hackers on Mobile Pwn2Own have used NFC to crack the security of smartphones. In two cases, it was a Samsung Galaxy S5, while an idea from the TV series Person of Interest led to a security breach on the Nexus 5.
The hacker in question used NFC to force two phones to pair, something that plays a role in the TV series Person of Interest under the name ‘bluejacking’. Forced pairing enabled him to access the Nexus 5, HP writes in a post on Mobile Pwn2Own.
The exploits that the hackers used on the Samsung Galaxy S5 do not seem possible on other devices. The vulnerabilities involved errors in the NFC implementation of the Samsung device. The iPhone 5s and Amazon Fire Phone were also victims of the hackers. In both, the vulnerability was through the browser, where attackers could break out of the sandbox. It is unknown when the manufacturers will close the vulnerabilities.
Mobile Pwn2Own is a competition in which hackers try to outdo each other by breaking the security of telephones as quickly as possible. They do this through previously unknown leaks.