Home → News → Secret Chips in Replacement Parts Can Completely Hijack... → Full Text

Secret Chips in Replacement Parts Can Completely Hijack Your Phone's Security

By Ars Technica

August 25, 2017

[article image]


Researchers at Ben-Gurion University of the Negev in Israel warn smartphone security can be compromised by repair shops that install replacement parts containing secret, malicious hardware. The research demonstrated that replacement touchscreens could be employed to secretly log passwords, install malware, and circumvent built-in security measures. In addition, the booby-trapped components could be indistinguishable from genuine hardware, facilitating undetectable installation and no signs of tampering.

The team's proof of concept involved embedding a chip that manipulates the phone's communication bus in a touchscreen, to simulate a chip-in-the-middle attack. The chip has malware that surreptitiously executes tasks the end users never initiated, and it can deactivate the display panel to keep the user unaware.

The researchers exploited Android smartphones for their demonstration, but they say tablets and phones running iOS also could be vulnerable to similar attacks. The researchers also offer hardware countermeasures manufacturers can deploy to shield devices from malicious screen-based hacks.

From Ars Technica 
View Full Article

 

Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA

0 Comments

No entries found