Phone battery can reveal everything you type!
Your smartphone battery could reveal your intimate secrets without you ever knowing. To do this, they implanted a micro-controller into a phone’s battery to record power flowing both in and out of the device. They then used an AI to match power flows with specific keystrokes. The technique could allow hackers to record your passwords, as well as monitor your most visited websites, the last time you used the camera and when you made a call.
The attack requires the smartphone to be in-use, and powered by the battery rather than on charge. The security threat was described in a new research paper, which is scheduled to be presented at the annual Privacy Enhancing Technologies Symposium in Barcelona next month. The smartphone battery represents an attractive target to hackers because ‘all the phone activity is exposed’, according to the security researchers from University of Texas at Austin, the Hebrew University, and Israel Institute of Technology Technion, who penned the new paper. The attack uses a similar method of tracking as used by so-called smart batteries.
These batteries monitor power consumption from apps and features to improve responsiveness and extend battery life by managing the resources. The research paper, entitled ‘Power to peep-all: Inference Attacks by Malicious Batteries on Mobile Devices’, presents a well-honed theory for how these attacks could take place. To start tracking, hackers need physical access to a smartphone to swap the battery for a malicious variant with an embedded microcontroller that samples power flowing in and out.
Related Posts