Save up to $750 on Galaxy S23 Ultra!

Replacing a screen can get your phone hacked

iOS Android
5

If you're a long-time smartphone user, there's a pretty good chance that you've experienced the "pleasures" of getting a cracked touchscreen. It happens to the best of us - after all, phone displays are made out of glass, a material that tends to shatter when dropped, even if it carries the "Gorilla" branding.

After such an incident occurs, some learn to peacefully coexist with the spider web pattern on their display (if it remains functional), others just go out and buy a new handset, while quite a few people also choose to stop by a repair shop and get a replacement screen installed. Going for this third option might seem as a sensible thing to do, but it turns out that it might completely compromise the security of your phone. 

In a recently-published paper, Israeli researchers from the Ben-Gurion University of the Negev highlighted the threat of malicious peripheral existing inside consumer electronics. The team was able to booby-trap a third-party smartphone replacement screen. This was done with the help of a chip that can manipulate the data transfer from the device's hardware to the software drivers within the OS. 

The code found on this chip can be used to install malicious apps, replace user-selected URLs with phishing URLs, the logging of unlock patterns and keyboard inputs, and even taking pictures of the user and forwarding them via e-mail. The nasty peripheral can even turn off the power of the screen while the above actions are performed. Furthermore, the researchers claim that this "chip-in-the-middle" attack was performed with parts that cost less than $10 which can easily be mass-produced. To put the cherry on the cake, these booby-trapped displays can apparently be made to look identical to their stock counterparts and are invisible to most detection techniques, as the process is file-less. 

In the demonstration video (see below), one can see this method working on the Huawei Nexus 6P, but the researchers warn that iOS devices can be hacked just as easily. While the team also outlined several low-cost countermeasures which manufacturers can employ to combat such malicious peripherals, it is currently unknown when or if these will be implemented. As such, it would be advisable to stick to certified parts and service shops for the time being. 


Source: Yossi Oren via Engadget

Popular stories

Massive Lenovo Tab Extreme with keyboard, pen, and fast charger scores a huge US launch discount
Massive Lenovo Tab Extreme with keyboard, pen, and fast charger scores a huge US launch discount
Office-ready Galaxy Tab S8 Ultra is on sale at a killer discount
Office-ready Galaxy Tab S8 Ultra is on sale at a killer discount
Samsung trims big bucks off the price of the flawless Galaxy S23 Plus (512GB)
Samsung trims big bucks off the price of the flawless Galaxy S23 Plus (512GB)
Best Buy marks down the price of Surface Pro 9 and adds in a free keyboard
Best Buy marks down the price of Surface Pro 9 and adds in a free keyboard
Inexpensive tool can be used to easily break into Android phones
Inexpensive tool can be used to easily break into Android phones
Samsung is back with another phenomenal Galaxy S23 Ultra deal in time for Memorial Day
Samsung is back with another phenomenal Galaxy S23 Ultra deal in time for Memorial Day
Loading Comments...

Latest News

Future of Pixel Tablet stylus and keyboard accessories uncertain
Future of Pixel Tablet stylus and keyboard accessories uncertain
Google confirms a second foldable device was in the works but didn't make the cut
Google confirms a second foldable device was in the works but didn't make the cut
Honor 90, 90 Pro now official with 200MP camera, 5000mAh battery, and up to 16GB RAM
Honor 90, 90 Pro now official with 200MP camera, 5000mAh battery, and up to 16GB RAM
Contacts gone on your Android phone? Don't panic! You may need to check this one setting
Contacts gone on your Android phone? Don't panic! You may need to check this one setting
MediaTek's next flagship smartphone chip will be very powerful; here's why
MediaTek's next flagship smartphone chip will be very powerful; here's why
Fancy new OnePlus 11 edition unveiled, but there is a catch
Fancy new OnePlus 11 edition unveiled, but there is a catch
FCC OKs Cingular\'s purchase of AT&T Wireless