Often people opt to get their phone’s screen replaced by third-party when they damage their expensive devices’ screens. Using third-party replacement may not pinch your pocket but could make your phone vulnerable to hackers.
According to a new study by a group of researchers from Israel’s Ben Gurion University, titled “Shattered trust: When replacement smartphone components attack,” third-party replaced screens may contain chips which can be used to hack your smartphone through which hackers can get access to information, including your financial details and passwords.
How a smartphone can be hacked using a replacement display has been revealed in a video by the study.
The video shows a malicious chip integrated into the third-party touchscreen and that can target the communication system of a Huawei Nexus 6P or an LG G Pad 7.0. By doing this researchers could record all communication done on the smartphone including emails sent, the keyboard input used for sending messages, making calls and much more. Malicious apps could also be installed for any illegal activity using these apps.
The study also revealed that the chip integration cannot be found just by looking at the replaced screen as it is very difficult to differentiate between such malicious components and company parts.
The hack cannot be scanned through any anti-virus as it is based on hardware and not software.
For the research, experts used an Arduino platform running on an ATmega328 micro-controller module to carry out the attack. They also used an STM32L432 micro-controller, but most other general-purpose micro-controllers would also work. A hot air blower was used to separate the touchscreen controller from the main assembly, allowing access to the copper pads, following which they attached the chips to the device.