Android Beam, feature that uses the so-called NFC Beaming mode, it would be affected by a vulnerability due to which an attacker could install a malware on the victim's device, without it receiving any modification. Introduced about eight years ago in Android 4.0 (Ice Cream Sandwich), Android Beam has been removed from the Robottino Verde starting from version 10.
One of the risk versions should therefore be Android 8.0 (Oreo), among the most widespread and the first that would have manifested the presence of this issue. theNFC (Near Field Communication) allows you to share content (and even make payments), but being whitelistato it often acts in the background without the user having notice.
This happens because starting from Android 8.0 the application of NFC was considered as a tool preinstalled in the operating system and therefore reliable, previously the lack of notifications was manageable through the option "Install from unknown sources"but with"Oreo"this setting has been associated with individual applications excluding default tools such as the NFC.
The developers of Google have already implemented an update that can exclude the NFC from the list of unmonitored apps, but the problem lies in the fact that this patch (dating back to last October) will not be installed on all devices equipped with vulnerable Android releases. In these cases it will therefore be necessary to act manually.
Those who want to put their device away from malware can set the NFC so that they do not accept any installation from unknown sources, you can continue to use this technology for monetary transactions but in this case it is advisable to disable Android Beam. In general it is good practice to activate NFC only when necessary.