Changing Phone Screen Might Be A Shortcut To A Vulnerability
Malware-Loaded Phone Screen Replacements
Cybercriminals have successfully been able to insert malicious chips in smartphone screens. So, suppose you face an issue with your smartphone – specifically, its screen – and you send it to a service center to get it fixed – you are at risk – because hackers can place malicious chips while fixing your smartphone screen. Wow! Now, will you dare to send your smartphones for service?
Hackers are constantly upgrading their skills, and they endeavor to find out new ways to hack into devices. With smartphones becoming more sophisticated with innumerable features that endeavor to contain all the features of a desktop or a laptop, it has, in fact, become an indispensable device to stay mobile and connected. The added benefits have made smartphones the favorite target of hackers.
Breach of Trust
Vulnerabilities are of many kinds – and this can be considered to be one of the types. This case would be a breach of trust that a customer places with the service center/engineer. Researchers from Israel’s Ben-Gurion University who discovered this vulnerability – Omer Shwartz, Amir Cohen, Asaf Shabtai, and Yossi Oren, demonstrated the placement of a small malicious chip within the hardware at the WOOT 17 conference. Fixing was quite easy with just a bit of soldering.
The group successfully inserted the malicious chip in an LG G Pad 7.0 and a Nexus 6P smartphone. This chip is not expensive – it costs just £8. On successful insertion, the malicious code in the chip allows recording of keyboard inputs, install apps, and execute remote commands. The malware could exfiltrate data after acquiring the keystroke codes. Touch injection attacks now allow the attacker to impersonate the smartphone’s user, which allows the malware to access and exfiltrate data. The researchers also found that the code was able to exploit vulnerabilities in the kernel of the operating system.
The Reason for the Vulnerability
Usually, phone manufacturers do not manufacture all the components of a smartphone. Some or most components are procured from third-party manufacturers – usually due to the experts in their field. The source code for these components is integrated with the manufacturer’s source code, and this code always trusts the component’s code.
When the touch screen of the phone gets shattered, usually equivalent components available in the market are used for replacement. It is possible that malicious chip and malicious code be inserted into this component.
In a paper titled “Shattered Trust: When Replacement Smartphone Components Attack,” the researchers state: “…we call this trust into question, considering the fact that touchscreens are often shattered and then replaced with aftermarket components of questionable origin. We analyze the operation of a commonly used touchscreen controller. We construct two standalone attacks, based on malicious touchscreen hardware, that function as building blocks toward a full attack: a series of touch injection attacks that allow the touchscreen to impersonate the user and exfiltrate data, and a buffer overflow attack that lets the attacker execute privileged operations. Combining the two building blocks, we present and evaluate a series of end-to-end attacks that can severely compromise a stock Android phone with standard firmware. Our results make the case for a hardware-based physical countermeasure.”
Mitigation Measures
So far, a possible preventive measure seems to be to protect the phone screen from shattering with different types of protective cases. The other option is to install a robust mobile security solution that detects malware by their behavior and prevents their malicious activity.