Replacing a screen can get your phone hacked
If you're a long-time smartphone user, there's a pretty good chance that you've experienced the "pleasures" of getting a cracked touchscreen. It happens to the best of us - after all, phone displays are made out of glass, a material that tends to shatter when dropped, even if it carries the "Gorilla" branding.
After such an incident occurs, some learn to peacefully coexist with the spider web pattern on their display (if it remains functional), others just go out and buy a new handset, while quite a few people also choose to stop by a repair shop and get a replacement screen installed. Going for this third option might seem like a sensible thing to do, but it turns out that it might completely compromise the security of your phone.
In a recently published paper, Israeli researchers from the Ben-Gurion University of the Negev highlighted the threat of malicious peripherals inside consumer electronics. The team was able to booby-trap a third-party smartphone replacement screen. This was done with the help of a chip that can manipulate the data transfer from the device's hardware to the software drivers within the OS.
The code found on this chip can be used to install malicious apps, replace user-selected URLs with phishing URLs, log unlock patterns and keyboard inputs, and even take pictures of the user and forward them via e-mail. The nasty peripheral can even turn off the power of the screen while the above actions are performed. Furthermore, the researchers claim that this "chip-in-the-middle" attack was performed with parts that cost less than $10 and can easily be mass-produced. To put the cherry on the cake, these booby-trapped displays can apparently be made to look identical to their stock counterparts and are invisible to most detection techniques, as the process is file-less.
In the demonstration video (see below), one can see this method working on the Huawei Nexus 6P, but the researchers warn that iOS devices can be hacked just as easily. While the team also outlined several low-cost countermeasures which manufacturers can employ to combat such malicious peripherals, it is currently unknown when or if these will be implemented. As such, it would be advisable to stick to certified parts and service shops for the time being.