It’s hard enough to admit the fact that we’re living in a “sci-fi” world right now. Smartphones are real gems of engineering, encased in 200-gram cases and fitting into the pocket of your jeans. However, there will always be people who will be able to turn these beautiful technologies against us in clever ways that are not so easy to guess.
- Your smartphone can recognize the text you’re typing on your keyboard
- Smartphones can steal credit card data just by being near it
- Fake charging stations with a surprise
- Fake base stations can turn your phone into a remote listening device
- A secret photo app can help keep track of you in 3D
1. Your smartphone can recognize the text you’re typing on your keyboard
If you work at a computer, you probably keep your favorite smartphone on the desk where you work. Indeed, if you get a call, you don’t have to frantically take your phone out of your pocket, nor is it uncomfortable to sit with. After all, if mobiles were designed for convenience, why not just keep them within arm’s reach?
Researchers at Georgia Tech have turned the smartphone into a real villain, aware of your every keystroke on the keyboard. Passwords, mail, personal correspondence – your phone can quietly “eavesdrop.”
If you think the surveillance involves a microphone or camera, you’re wrong. It’s even trickier. When you’re typing on the keyboard, the smartphone’s accelerometer detects subtle vibrations of the table on which the device is lying. And depending on the distance between the keys and the time between keystrokes, a complex mathematical algorithm determines which keys you press.
Phones with accelerometer sensitivity levels like the iPhone 4 can easily figure out what text you’re typing with up to 80% accuracy.
Since an unfamiliar app’s requests for access to the camera or microphone can make anyone suspicious, such a program can easily be a “Trojan horse” in some quite innocuous app like another free flashlight with a nice design.
The modest accelerometer is rarely protected by security settings, because who would have guessed that the screen rotation sensor would suddenly be able to intercept your correspondence? Fortunately, such a hacking attack is easy to fend off – just don’t put your phone next to the keyboard.
2. Smartphones can steal credit card data just by being near it
If after that sentence you’re finally ready to throw your phone out the window and live like the good old 90s, read on. The only problem is that every smartphone that’s around carries a potential threat, whether it’s yours or not. A modern Android device can easily steal your credit card information and order items on eBay for its developer.
Fortunately, not all cards are susceptible to attack, only “contactless” cards are. According to preliminary data, there are tens of millions of such credit cards in the U.S. alone, and they are all designed to be read at a distance. If you have such cards – you’ll soon have to keep them in your lead wallet.
Thus, all you need to steal is a modern phone with NFC and a special scanner program. In a crowded subway car, you won’t even know that someone has “picked” your pocket. An intruder will silently penetrate through the tightest coat and thickest purse and steal your credit card over the airwaves.
The creator of the program showed it off at DefCon 2012, which is kind of a hint. The app is also capable of transmitting credit card information to other phones. A newly stolen credit card in London could be used in seconds to pay in any part of the world.
3. Fake charging stations with a surprise
Imagine the situation: you are sitting in a coffee shop, about to take a picture of a huge sandwich or a beautiful foam on your coffee, but your phone suddenly reminds you that only 2% of battery power is left and it will turn off in just a minute. But here, luckily, there is a free charging station with different USB cables.
You plug in the “dying” gadget. The familiar sound is heard, and the battery begins to slowly gain the coveted percentage. You are saved! Meanwhile, the hidden device on the other side of the box collects personal data from your phone (saved passwords, self-portraits in the bathroom, etc.) and simultaneously sends you viruses.
In general, connecting your smartphone to unknown cables is not a good idea. This way you can raise the self-esteem of a homebrew hacker. By the way, at DefCon 2011, 360 people fell into this trap. The event is held once a year and brings together professional hackers and security experts from around the world. In other words, 360 professionals were fooled by such a very obvious and thus even more unexpected hack.
Fortunately, the charging module belonged to Aries Security, an information security company. Instead of stealing user information, the screen displayed a reminder to experts: “Don’t connect personal devices to questionable boxes… especially at a hacking conference.”
While chargers installed in airports and shopping malls are likely safe, charging stations with surprises can await anywhere – the number of companies renting them for their needs is steadily increasing. So it’s probably best to carry the cable and adapter to the electric grid with you, or just to get over the urge to tweet nonstop.
However, identity theft is nothing compared to the following statement.
4. Fake base stations can turn your phone into a remote listening device
Even if you bought the most perfect protective case, don’t connect obscure cables to your phone, and keep your anti-virus software updated, you’re not protected From attacks over the air.
Professor Ralf-Philippe Weinmann of the University of Luxembourg has demonstrated that hackers can attack a smartphone over the air, completely bypassing the operating system and anti-virus software. We are talking about hacking the radio processor.
This type of attack requires special equipment that simulates a cellular tower and makes the phone “think” it is connected to the network. Once the connection is established, the hackers gain control over everything the radio processor controls. And that includes the ability to make calls, a microphone, even a camera in some models.
Weinmann presented his findings at the 2011 Black Hat conference, showing how a spoofed cell could remotely and silently “answer” a phone and then live record the sound from its microphone. This is roughly the kind of technology Batman used in The Dark Knight. However, you don’t have to be as rich as Bruce Wayne to use it – a cell costs about $4500.
5. A secret photo app can help keep track of you in 3D
Finally, we come to the PlaceRaider app, which knows how to generate full 3D indoor images. The program, which masquerades as a harmless photo app, takes random shots throughout the day. The frames are then sent to a central server, where they are analyzed and combined into a three-dimensional detailed image of your home, office or terrorist lair.
The technology is reminiscent of the one used by Tony Stark in the movie “Iron Man 3” to solve the suicide bomber’s crime. However, the movie came out in 2013, and PlaceRaider was developed and tested back in the fall of 2012.
The tests were successful: PlaceRaider in the hands of unsuspecting office workers not only recreated the room environment in high resolution, but also took a lot of screenshots from monitors, recorded the data of receipts, random documents on desks, and even prepared large pictures of keys.
The power of smartphones is one of the technological advances of our time. These devices carry a set of sensors for environmental monitoring, powerful data processors and are capable of transmitting and receiving information at high speed. It should not be forgotten that all this can turn against the owner.