Smartphones Are More Vulnerable Than You Think

Today, most people from 10 to 85 have a smartphone, although most of these users are unaware just how vulnerable to attacks these devices are.

In most cases, attacks on smartphones require physical access to the device and interactions with the touchscreen, but according to new academic research, it is possible to reach users' mobile touchscreen without touching it using electro-magnetic interference.

Modern Android smartphones are susceptible to a new type of attack named "GhostTouch" by researchers at China's Zhejiang University and the Technical University of Darmstadt that can induce fake finger taps to take unwanted actions that can execute taps and swipes on the phone’s screen, even from a distance of up to 40 mm. 

The attack exploits flaws at both the software and hardware level and has been proven to work even against the most recent smartphone models. 

GhostTouch uses electromagnetic interference (EMI) to inject fake touch points into a touchscreen without the need to physically touch it. By tuning the parameters of the electromagnetic signal and adjusting the antenna, we can inject two types of basic touch events, taps and swipes, into targeted locations of the touchscreen and control them to manipulate the underlying device.

According to the researchers’ findings, an attacker can use GhostTouch to carry out several types of malicious actions, including initiating calls and downloading malware.

Most of the touchscreens used today by smartphone and tablet companies are sensitive and vulnerable to the environmental impact of EMI. Previous studies have shown that EMI can disrupt the user experience of touchscreens and possibly cause random and harmful behavior. In one case, a phone that was placed on a charger booked a highly expensive hotel room because of EMI signals.

Researchers created the GhostTouch software in order to see if they could use EMI to create controllable touch events and trigger arbitrary behavior on touchscreens.

The core idea behind GhostTouch is to interfere with the capacitance measurement of touchscreens using electromagnetic signals injected into the receiving electrodes integrated into the touchscreen. GhostTouch is a targeted attack. The adversary must know the model and make use of the victim’s phone in order to tune the equipment. The attacker might also need extra information about the phone, such as the passcode, which they must acquire through social engineering or ‘shoulder surfing’.

These types of attacks usually occur in public locations such as cafes, open offices, libraries, etc. Places where people are not necessarily careful of how they place their smart devices. By embedding appropriate equipment under a specific table, the hacker will be able to launch attacks remotely.

The researchers tested GhostTouch on 11 widely used phone models and were able to implement the attack with varying degrees of success on nine models, demonstrating that EMI attacks are a real threat to today’s personal devices.

Mobile Phone Quality Is An Issue

Users can improve the security of their smartphone device by buying a high-end phone. Around 88% of all phones worldwide are Android devices of various types. The remaining 12% are Apple’s iOS design which is widely considered to have superior security. Android phones made by Google, including the Nexus and Pixel brands have security as good as Apple’s iPhone but users who are concerned about their security are well advised to avoid generic devices such as those from Huawei and Xiaomi.

Unwitting users introduce vulnerabilities into their smartphones voluntarily and by some estimates more than half of all smartphone users had downloaded some kind of unsafe files or content to their mobile device.

 USENIX Symposium:      Portswigger:      I-HLS:      CCSInet:     Guardian:     ZDNet:     Cyware:

You Might Also Read: 

Cyber Criminals Increasingly Focus On Mobile Devices:

 

« Phishing- As-A-Service
Outsourcing IT Systems & Data Management Can Be A False Economy »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

Security & Intelligence Agency (SOA) - Croatia

Security & Intelligence Agency (SOA) - Croatia

SOA is the Croatian security and intelligence service. Areas of activity include Cyber Security and Information Security.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

HSB

HSB

HSB offers insurance for equipment breakdown, cyber risk, data breach, identity recovery & employment practices liability.

Stratejm

Stratejm

Stratejm, a Next Generation Managed Security Services Provider, brings innovation and thought leadership to the fight against cyber criminals.

Cyvatar

Cyvatar

Cyvatar is a technology-enabled cyber security as a service (CSaaS) provider delivering smarter managed security to help you achieve compliance and security faster and more efficiently.

IntelliDyne

IntelliDyne

IntelliDyne is a leading information technology consulting firm enabling better mission performance through innovative technology solutions.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Deutsche Gesellschaft für Cybersicherheit (DGC)

Deutsche Gesellschaft für Cybersicherheit (DGC)

As a leading provider of cyber security, DGC supports companies in taking advantage of the opportunities offered by the digital transformation – and in minimizing the associated risks.

Blue Bastion

Blue Bastion

Don’t give cybercriminals the chance to find weaknesses in your company’s cyber security system. Defend your institution from all attacks from all directions with Blue Bastion.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.

RAD Security

RAD Security

RAD Security (formerly KSOC) is a cloud native security company that empowers engineering and security teams to drive innovation so they can focus on growth versus security problems.