Hacking experts have come up with new ways of attacking Android smartphones.
On Wednesday they demonstrated ways to attack Android smartphones using methods they said work on virtually all such devices in use today, despite recent efforts by search engine giant Google (GOOG.O) to boost protection.
Experts showed off their prowess at the Black Hat hacking conference in Las Vegas, where some 6,500 corporate and government security technology workers gathered to learn about emerging threats to their networks.
Researcher Charlie Miller demonstrated a method for delivering malicious code to Android phones using a new Android feature known as near field communications.”I can take over your phone,” Miller said.
Miller said he figured out how to create a device the size of a postage stamp that could be stuck in an inconspicuous place such as near a cash register at a restaurant. When an Android user walks by, the phone would get infected, said Miller.
Miller and another hacking expert, Georg Wicherski of CrowdStrike, have also infected an Android phone with a piece of malicious code that Wicherski unveiled in February.
That piece of software exploits a security flaw in the Android browser that was publicly disclosed by Google’s Chrome browser development team, according to Wicherski.
“Google is making progress, but the authors of malicious software are moving forward,” said Sean Schulte of Trustwave’s SpiderLabs.
Google spokeswoman Gina Scigliano declined to comment on the security concerns or the new research.