How Your Broken Phone Screen Can Help Hackers
How Your Broken Phone Screen Can Help Hackers
August 24, 2017
New York Post–Shattering your phone’s display on the pavement is a terrible feeling, but according to a recent study, you might have more to worry about than just the cost of replacing it.
In a paper presented last week at a workshop in Vancouver, four researchers from Ben-Gurion University of the Negev explained how broken screens are replaced with aftermarket components of questionable origin — components which could be tampered with in order to hijack the user’s phone.
BGU research team from left: Amir Cohen, Benyamin Farshteindiker, Dr. Yossi Oren, Omer Shwartz
In order to demonstrate the potential dangers, the research team embedded malicious chips within the third-party displays of a Huawei Nexus 6P and an LG G Pad 7.0. With the new displays installed, the team conducted two stand-alone attacks: “a touch injection attack that allows the touchscreen to impersonate the user, and a buffer overflow attack that lets the attacker execute privileged operations.”
By combining these “attack building blocks,” hackers could theoretically impersonate the user to install software and grant permissions, take photos of the user without their knowledge, replace real URLs with phishing URLs, log virtually anything the user does on the touchscreen (such as entering a password or private credentials) or even exploit vulnerabilities in the device’s OS kernel.
The researchers developed a firewall to install on Androids that would protect users>>
Read more on the New York Post website>>
Stories Like This
