ATFuzzer: A Threat that Misuses USB Chargers, Headsets, and Bluetooth.
A new security threat has been found which can hit various high-tech android devices by exploiting the Bluetooth and USB accessories to attacks the phone. According to a paper published by researchers from Purdue and Iowa University, the base-band processors of many famous Android phones are modified that enables the hacker to get access. By using specifically modified USB and Bluetooth accessories, the experts could explain how these accessories are misused to give directions such as AT commands that regulate the baseband's working. The research also checked various smartphones such as Samsung, LG, HTC, Google, Motorola, and Huawei that are not very latest but still generally used.
Meanwhile, the experts decoded critical information such as the IMEI number, roaming status, and network settings that can help to locate the targets. The researchers also conducted Denial of Service (DoS) initiatives, interrupt Internet connections and use functions such as Do Not Disturb (DND), call logs, blocking, etc.
Ten smartphone devices from different companies were examined. Fortunately, not all the smartphones fell prey to Bluetooth and USB accessories threat. However, various accessories such as phone chargers, speakers and even headsets can be misused to exploit any device by following the given technique.
"The android devices can't possibly be endangered to the AT command interface in any way," concludes the research team. If interested to read the exploits, it could be found at the Github repository. The research paper would be manifested next month at the 35th Annual Computer Security Applications Conference. The attacked smartphones worked on base-band processors built by Samsung, Qualcomm, and Huawei. The experts informed all the concerned devices and base-band providers and remained 3 months still before announcing to the general public about their conclusions. Meanwhile, Samsung has acted by making security patches for its smartphones.
How to be safe?
The users are suggested not to use accessories that are not known. They are also strictly advised against using public chargers as they can be harmful to smartphones. Using trusted accessories and minimal unknown gadgets are the only solution to the problem.
from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/32NO6NX