NordVPN researchers released reports about a new vulnerability that allows unlocking certain smartphones remotely, without the need to install any specific type of malware. The described method, called GhostTouch, was discovered by academics from the Universities of Zhejiang, China, and Technical University of Darmstadt, Germany.
Remote access to sensitive data
GhostTouch makes it possible for cybercriminals to unlock mobile devices and gain access to sensitive data such as passwords and banking applications. Furthermore, these criminals can also install malware on smartphones, according to researchers. However, it is important to note that the hardware used by attackers needs to be relatively close to the victim for the attack to be successful.
Most common attacks in libraries and cafes
According to experts, the most common places for this type of attack are libraries, cafes and conference halls, where people tend to leave their smartphones face down on the table. The attackers prepare the necessary equipment in advance and launch the attack remotely, without the user realizing that their device has been compromised.
Adrianus Warmenhoven, cybersecurity expert at NordVPN, points out: “Unfortunately, the most common places for touchscreen hacking are public places like libraries, coffee shops or conference halls, where people place their smartphones face down on a table. Attackers prepare equipment under the table in advance and launch the attack remotely. The user may not even realize that their device has been hacked.”
Vulnerability in nine smartphone models
The researchers say the GhostTouch attack is possible at a range of up to 40 meters, meaning attackers can place the necessary hardware under the table and use it to access the devices. Once the connection is established, the distance between the hackers and the target smartphone is irrelevant.
So far, nine smartphone models have been confirmed to be vulnerable to this type of attack, including the iPhone SE (2020), Samsung Galaxy S20 FE 5G, Redmi 8 and Nokia 7.2. During the attack, users would realize that the smartphone was acting on its own, which could raise suspicions.
According to NordVPN, more than 209 million results come up when searching for the phrase “the phone unlocks itself” on Google, indicating that the phenomenon is not that uncommon. While not all of these results are related to GhostTouch, some of them can certainly be attributed to this newly discovered vulnerability.
Protective measures
Experts recommend that users take protective measures to avoid falling victim to GhostTouch. It is essential to ensure that the smartphone has security mechanisms, such as PIN codes, unlock patterns or biometrics. These measures can help prevent unwanted access and protect sensitive data stored on devices.
