A recent study reveals that screen replacement which is a common smartphone fix can be leveraged to steal your data and completely hijack your phone.
According to the study conducted by researchers at the Ben-Gurion University of the Negev revealed how the replacement screen can be altered and override your mobile phone by integrating malicious chip within a third-party replacement touch screen.
The researchers tested the malicious integrated chip on Huawei Nexus 6P and LG G Pad 7.0, both devices could manipulate the communications system and give control to the integrated chip.
The test allowed them to record keyboard hits, install apps, nick pictures videos and forward them via email and direct users to phishing websites. Another attack could exploit vulnerabilities in the operating system Kernel.
The creepy part of all, the researchers claim that the screens can be made with an integrated chip no one can detect even the mobile technicians, the entire process of hijacking is file less process which would go undetected by Antiviruses as well.
The is the low-cost attack known as “Chip-in-the-middle” scenario, researchers demonstrated malicious tasks that they used on Arduino platform running on ATmega328 microcontroller module.
The researchers also used STM32L432 micro-controller which indicates that other microcontrollers can also be used to perform the tasks.
Though the whole setup looks so apparent, the team said, the altered part can easily be hidden in the reassembled device. Researchers also claim that it’s not just Android that can be exploited this way, iPhones could be equally vulnerable to such types of attacks.