The replacement of mobile phone parts is one of the main methods to repair mobile phone, but recently, a new study shows that the replacement of mobile phone parts will also have the risk of data theft.
According to Engadget news, from the Gurion University researchers in Israel revealed that the third party can embed malicious mobile phone touch screen chip, the chip can perform some tasks and data theft, the research team has been in HUAWEI Nexus 6P and LG G Pad to verify their theory. According to the researchers, the malicious chip will record the user's keyboard input, and user shooting photos, forwarded by e-mail users in the case of imperceptibly, but also with some applications, direct users to phishing sites. In addition, the malicious chip will use the kernel of the mobile phone operating system vulnerabilities for two attacks, and other hardware damage to the phone.
Even more frightening is that the researchers think, install malicious chip screen looks and general screen and there is no difference, even in the eyes of the professional technical personnel are also not aware of the difference. The chip will not create any files when malicious attacks, so antivirus software can not detect.
The researchers found that malicious chip cost is not high. In order to install malicious chip to perform a task, the researchers used a ATmega run in the 328 microcontroller module on the Arduino platform. They also used a STM32L432 micro controller, and added that the micro controller can achieve almost the majority of malicious attacks this point. After that, they use a hot air blower will touch screen controller separately, and main board next, their welding wire, connecting a chip in the mobile phone.
Although this device looks relatively obvious, but the team claimed that as long as a little effort can be an easy job to do to hide in the hardware equipment components. It is worth mentioning that this malicious attack chip screen not only appear in the Android phone, iPhone screen can also be implanted target.