Security researchers are expected to disclose new vulnerabilities in near field communication (NFC), mobile baseband firmware, HTML5 and Web application firewalls next week at the Black Hat USA 2012 security conference.
Now in its 15th year, the annual Las Vegas conference draws thousands of security enthusiasts and IT professionals who come to watch some of the industry’s top researchers present their latest findings.
With the rise of smartphones during the last few years, mobile technologies have become a major focus of security research — and for good reason. Many of today’s mobile phones are actually mini computers that store a wealth of sensitive data and this makes them attractive targets for attackers.
Some smartphone vendors have implemented NFC technology to enable contactless mobile payments. Users only have to wave their phones over NFC-capable devices to complete a transaction.
Renowned Apple hacker Charlie Miller, who works as a principal research consultant at security consulting firm Accuvant, has investigated the security of current NFC implementations and found ways in which the technology could be abused to force some mobile phones to parse files and open Web pages without user approval.
In some cases, attackers can take complete control of the phone through NFC, enabling them to steal photos and contacts, send text messages and make calls. Miller will present his findings in what is probably one of the most anticipated talks at this year’s U.S. edition of the conference.
In another mobile security presentation, University of Luxembourg researcher Ralf-Philipp Weinmann will discuss attacks against baseband processors — the phone microprocessors responsible for communicating with cellular networks.
Last year, Weinmann demonstrated how vulnerabilities in the firmware of baseband processors can be exploited to turn mobile phones into remote spying devices after tricking them into communicating with a rogue GSM base station — a scaled-down version of a cell phone tower. The base station had been set up using off-the-shelf hardware and open source software.
This year, Weinmann plans to show that rogue base stations are not even necessary to pull off such attacks, because some baseband vulnerabilities can be exploited over IP-based (Internet Protocol) connections.
If some components of the carrier network are configured in a certain way, a large number of smartphones can be attacked simultaneously, Weinmann said in the description of his presentation.
Mobile malware is viewed as a growing threat, particularly on the Android platform. To protect Android users and prevent malicious applications from being uploaded to Google Play, Google created an automated malware scanning service called Bouncer.
At Black Hat, Nicholas Percoco and Sean Schulte, security researchers from Trustwave, will reveal a technique that allowed them to evade Bouncer’s detection and keep a malicious app on Google Play for several weeks.
The initial app uploaded to Google Play was benign, but subsequent updates added malicious functionality to it, Percoco said. The end result was an app capable of stealing photos and contacts, forcing phones to visit websites and even launch denial-of-service attacks.
Percoco would not discuss the technique in detail ahead of the Black Hat presentation, but noted that it doesn’t require any user interaction. The malicious app is no longer available for download on Google Play and no users were affected during the tests, Percoco said.
Web attacks and vulnerabilities in new Web technologies will also be the subject of several Black Hat presentations this year.
Cybercriminals are increasingly relying on so-called drive-by download attacks to infect computers with malware by exploiting known vulnerabilities in widespread browser plug-ins like Java, Flash Player or Adobe Reader.
Jason Jones, a security researcher with HP DVLabs, Hewlett-Packard’s vulnerability research arm, is scheduled to present an analysis of some of the most commonly used Web exploit toolkits, like Blackhole or Phoenix.
Some of the trends observed by Jones in Web exploit toolkit development this year include an increased reliance on Java exploits and faster integration of exploits for new vulnerabilities.
In the past, Web exploit toolkits targeted vulnerabilities for which patches had been available for over six months or even a year. However, their creators are now integrating exploits for vulnerabilities that are a couple of months old or even unpatched by vendors, Jones said.