Cell phone hackers are always on the hunt for new ways to take advantage of cell phone users.
And unfortunately, it doesn’t take them long to find new and more extreme ways to exploit cell phone users.
What Cell Phone Hackers Can Do With Replacement Screens
Experiments conducted on two Android devices reveal another vulnerability for hackers.
Researchers have found that replacing components on phones or tablets, like touchscreens, can house malicious chips. These chips can give hackers total control of the infected devices.
(Speaking of malicious chips and infected devices, learn about the stealth viruses you need to protect your business from in this post)
But how exactly do they do this? Above all, it’s important to understand how they operate to protect yourself or your business from becoming victims.
So, let’s turn to this article from Eduard Kovacs in Security Week about exactly how cell phone hackers operate.
How Cell Phone Hackers Can Hijack Phones via Replacement Screens: Researchers
By Eduard Kovacs on August 18, 2017
Touchscreens and other components often replaced in smartphones and tablets can hide malicious chips capable of giving attackers complete control over the device, warned researchers at the Ben-Gurion University of the Negev.
Researchers conducted their experiments on two Android devices: a Huawei Nexus 6P smartphone that uses a touchscreen controller from Synaptics and an LG G Pad 7.0 tablet that uses an Atmel controller. However, the experts believe many other devices are also vulnerable to these attacks, including ones made by Apple.
In their tests, the researchers used a hot air blower to separate the touch screen controller from the main assembly board and access the copper pads. They then connected the pads to an integrated chip that manipulates the communication bus, effectively launching a chip-in-the-middle attack. STM32L432 and Arduino microcontrollers, which cost roughly $10 each, have been used in the experiments.
Malicious hardware
The malicious chip can exploit vulnerabilities in the device driver. Subsequently, this will compromise the phone or tablet while ensuring it does not stop functioning correctly.
Videos published online show how a malicious touchscreen can be used to install arbitrary software, take pictures with the camera and send them to the attacker via email, replace a legitimate URL with a phishing URL, capture and exfiltrate screen unlock patterns, and take complete control of the targeted device.
Completely hijacking a phone takes the longest, roughly 65 seconds, but some operations, such as replacing a URL, take less than one second to complete.
(Are you up to date with the latest cybersecurity trends? Here are the five biggest threats as of 2021)
While attacks involving hardware replacements are not unheard of, the scenario described by Ben Gurion University researchers relies on replacing a component with a limited hardware interface. It assumes that the repair technician installing the replacement screen is not involved and does not conduct any operations other than replacing the broken component with a malicious one that has been provided to them.
The researchers notified Google of the Synaptics device driver vulnerabilities in February, and patches were included in the June 2017 Android security updates. They are also working on notifying the developers of the Armel device driver of the discovered issues.
The experts have also proposed a series of hardware-based countermeasures to prevent such attacks.
Do you want to learn more about protecting yourself and your business from cell phone hackers and other cyber threats?
We are here to help. Click here to set up a call with the CloudNexus team today.
Did you learn a lot about cell phone hackers in this post? Here are three more posts to read next:
- 5 Cyber Security Threats Your Company Needs To Prepare For
- Why IT Managed Services? Six Key Benefits
- 4 Reasons Why Your Small Business is an Easy Target for a Cyber Attack
This post was first published in 2017, but it was updated in 2021 just for you.
