Categories: NewsSecurity

Researchers Hijack Smartphones With Chip-in-the-Middle Attack

Technology enthusiasts are all too aware of how governments would like nothing more than to snoop on their smartphones. That could be accomplished either by building in backdoors on the software level, or by gaining access to communication logs from popular IM service providers. A new hacking method recently discovered by security researchers takes the form of a secret chip hidden inside replacement parts. For now, this method is known as a chip-in-the-middle attack.

Beware of Chip-in-the-middle Attacks

Very few people would expect government officials to tamper with the hardware components found in their smartphone. It would be very difficult to do so, especially during the manufacturing process. Without consent from the company building these devices, that becomes even more difficult. However, it seems there may be a way of doing so that does not require manufacturers’ permission.

Through what is known as a chip-in-the-middle attack, it is possible for malicious actors to mass manufacture electronic spare parts with hidden chips lodged inside. Every single one of these chips would be able to intercept device communication or execute malicious commands remotely. It is a very dangerous threat, although implementing it feasibly is something else entirely. One needs to have serious manufacturing capabilities to even consider such an attack in the first place.

That does not mean it could not be executed successfully. Researchers have proven this by building malicious spare parts and successfully using them to take over a smartphone. During the test, the researchers successfully snooped on communication and even sent malicious commands to the phone in question. It appears such an attack could be launched by buying off-the-shelf electronics which are sold in most stores for US$10 or less. It would require some soldering skills, but it is something that could be done relatively easily.

Related Post

A lot of people send their phones off to repair shops when something is broken. They generally have no control over the service provided or the spare parts used in the process, and it would be virtually impossible to tell whether or not replacement parts are benign. It is highly unlikely someone would tamper with parts for this particular purpose, although one should not dismiss the possibility either. Stranger things have happened. There are two types of chip-in-the-middle attacks, both of which could have disastrous consequences for the end user.

Thankfully, the researchers documented all of their evidence and published a white paper on the topic. This information needs to be shared with the rest of the world. Far too often, consumers remain unaware of the dangers that lurk beyond their eyesight. Everyone who sends in a smartphone to have parts replaced should be very concerned right now. Although no one has officially built these malicious chips, it is not all that hard to do. Anyone could do it, which is even more disconcerting.

All of this goes to show governments and other malicious actors do not necessarily need to install a software backdoor to get the information they are after. For all we know, every phone manufactured within the U.S. already has such data-stealing chips embedded within them. Most people never open the back of their smartphones other than when they are freshly purchased and require insertion of a SIM card or battery. It will be interesting to see if anyone attempts to pursue this attack vector in the future.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

7 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

7 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

8 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

8 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

12 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

13 hours ago