A team of four MWR Labs employees successfully hacked a Samsung Galaxy S3 today, earning them a win in the Mobile Pwn2Own competition at EUSecWest in Amsterdam. Don’t worry, they’re holding back the details until the exploit is patched.
Two vulnerabilities were used to hack and retrieve data from a Samsung Galaxy S3. The first vulnerability was a memory corruption exploit that allowed the team to upload malicious code to the S3 over NFC. MWR makes a point of noting that this exploit is not NFC specific, and could be executed via malicious websites or email attachments.
The second vulnerability allowed them undermine Android’s app sandbox and raise the...
Continue Reading Here
Android vulnerabilities used to hack Samsung Galaxy S3, win money
kristofer wouk - androidauthority.com