Hijack mobile devices via replacement smartphone components attack

in #security, 7 years ago

A group of researchers from Ben-Gurion University has discovered a new technique that can give attackers full control over targeted devices.

Smartphones are frequently dropped, shattering their screens. According to a recent study, more than 50% of smartphone owners have damaged their phone screen at least once, and 21% of smartphone owners are currently using a phone with a cracked or shattered screen.

According to researchers:
“Phone touchscreens, and other similar hardware components such as orientation sensors, wireless charging controllers, and NFC readers, are often produced by third-party manufacturers and not by the phone vendors themselves. Third-party driver source code to support these components is integrated into the vendor’s source code. In contrast to “pluggable” drivers, such as USB or network drivers, the component driver’s source code implicitly assumes that the component hardware is authentic and trustworthy. As a result of this trust, very few integrity checks are performed on the communications between the component and the device’s main processor”

The team was able to use a malicious touchscreen to install arbitrary software and fully hijack a smartphone in almost 65 seconds; other malicious actions, such as replacing a URL, are instantaneous.

“We construct two standalone attacks, based on malicious touchscreen hardware, that function as building blocks toward a full attack: a series of touch injection attacks that allow the touchscreen to impersonate the user and exfiltrate data, and a buffer overflow attack that lets the attacker execute privileged operations.”
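The researchers' observation that component drivers perform very few integrity checks can be made concrete with a driver-side parser that treats the touchscreen controller as untrusted input. This is an added example, not code from the original post or from the researchers; the report layout, constants and function name are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical report layout (assumed here, not a real controller protocol):
 * byte 0 = touch-point count, then 5 bytes each: id, x_lo, x_hi, y_lo, y_hi. */
#define MAX_POINTS   10
#define POINT_SIZE   5
#define PANEL_WIDTH  1080
#define PANEL_HEIGHT 1920

struct touch_point { uint8_t id; uint16_t x, y; };

/* Parse one report from the component bus, treating every field as untrusted.
 * Returns the point count, or -1 on rejection (out[] must then be ignored). */
int parse_touch_report(const uint8_t *buf, size_t len,
                       struct touch_point out[MAX_POINTS])
{
    if (buf == NULL || out == NULL || len < 1)
        return -1;
    size_t count = buf[0];
    /* Trusting count as the loop bound would write past out[] on a bad report. */
    if (count > MAX_POINTS)
        return -1;
    /* The claimed count must match the bytes actually received. */
    if (len != 1 + count * POINT_SIZE)
        return -1;
    for (size_t i = 0; i < count; i++) {
        const uint8_t *p = buf + 1 + i * POINT_SIZE;
        uint16_t x = (uint16_t)(p[1] | (p[2] << 8));
        uint16_t y = (uint16_t)(p[3] | (p[4] << 8));
        /* Reject slot ids and coordinates the panel cannot produce. */
        if (p[0] >= MAX_POINTS || x >= PANEL_WIDTH || y >= PANEL_HEIGHT)
            return -1;
        out[i] = (struct touch_point){ p[0], x, y };
    }
    return (int)count;
}

int main(void)
{
    /* Constructed sample frames: one valid, one claiming 200 points. */
    const uint8_t good[] = { 1, 3, 0x64, 0x00, 0xC8, 0x00 };
    const uint8_t bad[] = { 200, 0, 0, 0, 0, 0 };
    struct touch_point pts[MAX_POINTS];
    printf("good=%d ", parse_touch_report(good, sizeof good, pts));
    printf("bad=%d\n", parse_touch_report(bad, sizeof bad, pts));
    return 0;
}
```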
