New study finds hidden chips in phone parts can compromise your device.
A new study has shown that a replacement screen can easily be altered to override your mobile. By embedding a malicious integrated chip within a third-party touchscreen.
It were able to manipulate the communications system on a Huawei Nexus 6P and LG G Pad 7.0. This essentially allowed them to record keyboard inputs, snap pictures of the user and forward them via email, install apps, and direct the user to phishing websites.
This type of low-cost attack is known as the “chip-in-the-middle” scenario. The researchers used an Arduino platform running on an ATmega328 micro-controller module. They also used an STM32L432 micro-controller, adding that most other micro-controllers could also do the job. They then used a hot air blower to separate the touchscreen controller from the main assembly boards, in order to access its copper pads. Next, they soldered a copper wire to attach their chips to the device.
It’s not just Android phones that are at risk either. The paper also indicates that iPhones could fall prey to the same types of attacks.