A group of researchers from Ben-Gurion University of the Negev has demonstrated that hardware replacements can be equipped with a chip that is capable of manipulating the device’s communication.
Researchers conducted their experiments on two Android devices: a Huawei Nexus 6P smartphone which uses a touchscreen controller from Synaptics, and an LG G Pad 7.0 tablet that uses an Atmel controller. However, the experts believe many other devices are also vulnerable to these types of attacks, including ones made by Apple.
They tested three different attacks, using an experimental setup based on a low-cost micro-controller embedded in-line with the touch controller communication bus.
In the first one, they managed to impersonate the user by injecting touch events into the communication bus. This allows the installation of software, the modification of the device configuration, etc.
In the second one, they demonstrated that an attacker can log touch events related to sensitive operations (lock screen patterns, credentials, passwords).
In the third one, they proved that by sending crafted data to the phone over the touch controller in- terface, an attacker can exploit vulnerabilities within the device driver and gain kernel execution capabilities.
The researchers believe that threat of a malicious peripheral existing inside consumer electronics should not be taken lightly.