A team of Android security experts successfully hacked a Samsung Galaxy S3 by revealing two Android exploits at the Mobile Pwn2Own competition at EUSecWest in Amsterdam. A memory corruption exploit was triggered via Near Field Communication, enabling researchers to upload malicious code and access secure data.
The second exploit found involved privilege escalation by enabling an app to execute malicious code outside its sandboxed system. By combining the two breaches the team gained full control over the Samsung Galaxy S3 smartphone and retrieved all data.
Although the exploit is not NFC related, Android OS was found vulnerable by using the NFC technology. Raising serious issues over how securely NFC and Android handle intents and permissions, MWR Labs explained that details of the exploits will be revealed once theyâ€™re patched.
â€œThrough NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability for privilege escalation,â€ said the team. â€œThe same vulnerability could also be exploited through other attack vectors, such as malicious websites or e-mail attachments.â€
By using their custom framework and the previously mentioned exploits, MWR Labs was also able to initiate calls to premium rated numbers. Emphasizing that Android 4.0.4 features many of the exploit problems encountered on desktop Linux distributions, the team says other protection methods are missing from the Android build.