Hackers have quietly moved the attack direction to the mobile platform.

Hackers have quietly moved the attack direction to the mobile platform.

 

 

Unlike computers, mobile phones store various types of user information, including email addresses, personal sensitive information, and bank information. Based on this, hackers have quietly moved their attack direction to the mobile platform.

Security researchers will discover some iOS platform exp or Android platform exp every week. However, a security team recently discovered that one exp can use both iOS and Android platforms.

A security research team composed of Tel Aviv University in Israel, Israel Polytechnic Institute, and Adelaide University in Australia discovered an attack method, attackers can steal keys that protect bitcoin wallets, Apple Pay accounts, and other sensitive services on their mobile phones. Mobile phones in Android and iOS systems are affected.

The Team has previously worked out many ways to intrude into computers and steal data. Last week, the team just discovered how to steal sensitive data from Air Gap computers (Air Gap computers are computers in a closed space that do not connect to the network ). Last year, they demonstrated how to steal decryption keys from a computer using a radio receiver and a pizza package. They also demonstrated that keys can be stolen only by touching the computer's chassis.

Side Channel attack

The recently discovered exp is a non-aggressive side-channel attack: the system's encryption key is stolen by analyzing the memory usage mode or analyzing the electromagnetic output from the device during decryption. This attack targets the elliptic curve digital signature algorithm (ECDSA), a standard digital signature algorithm, which is widely used in bitcoin wallet, Apple Pay, and other applications. It is faster than other encryption systems.

How to steal an encryption key?

The iPhone 4 was tested. When the mobile phone was being encrypted, the researcher placed a $2 magnetic probe around the mobile phone. Tests show that there are enough electromagnetic waves distributed around it to fully steal keys to verify the sensitive data and financial information of end users.

 

You can also find another attack method by connecting a USB adapter to the USB cable of your mobile phone and capturing signals with a USB sound card.

"Using these methods, we can steal signature keys from OpenSSL and CoreBitcoin on iOS devices, and some leaked keys from OpenSSL and CommonCrypto on Android devices ."

Security researchers also tested their exp on the Sony-Ericsson Xperia X10 mobile phone (Android), and the results were feasible.

Intrusion requires the attacker's physical control, or at least one magnetic probe or cable. A vulnerable mobile device can find thousands of ECDSA signatures as long as it can execute enough tasks.

Technical Report on shared key theft [PDF]

Affected Device

Versions 7.1.2 to 8.3 of iOS are vulnerable to side-channel attacks, while versions 9.x of iOS are vulnerable to side-channel attacks.

However, iPhone and iPad users are not so lucky. As long as they install vulnerable apps, such as CoreBitcoin, they cannot avoid attacks.

OpenSSL1.0.x and 1.1.x are also vulnerable to attacks.