Skip to main content

Repairing your phone could leave it open to hackers

(Image credit: Image Credit: WerberFabrik / Pixabay)

Having your smartphone's screen repaired could leave your device open to attackers enabling them to steal your data and even compromise your device, experts have warned.

A new study (opens in new tab) from researchers at Israel's Ben-Gurion University of the Negev has revealed that a replacement screen could be easily altered by potential hackers to gain control of smartphones running either Android or iOS.    

Third-party touchscreens can be embedded with a malicious integrated chip that could be used to give attackers access to your device.  During the course of the study, a Huawei Nexus 6P (opens in new tab) and a LG G Pad (opens in new tab) 7.0 were both fitted with a modified screen and the team of researchers were able to gain access to the communications systems of both devices. 

The researchers were able to log keyboard inputs, install apps, direct users to phishing websites and even take pictures of those using devices and email them back to the user.  Through a second class of attack, they were even able to gain control of the operating system kernel of the Nexus 6P and L G Pad.

Unfortunately it will be hard for anyone to detect these modified screens as they can be produced to appear identical to screens made by manufacturers.  To make matters worse, no files are needed to gain access to a user's smartphone and because of this antivirus software is rendered completely useless to stop these kinds of attacks. 

The researchers carried out their chip-in-the-middle attacks by using an Arduino (opens in new tab) platform running on an Atmega328 micro-controller module. However they were also able to recreate the process using a STM32L432 micro-controller which proves that other micro-controllers could also be used to carry out the attack. 

Image Credit: WerberFabrik / Pixabay

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.