We use smartphones for everything from communication to finances, and we store all of our personal information on them. This makes them a valuable target for hackers.
As you know, the security of smartphones has always been a concern. According to recent research, a new attack technique discovered by researchers at a Chinese university can be used to unlock Android phones in a matter of minutes using just a $15 hack.
Researchers at a Chinese university have discovered a way to unlock some Android devices using fake fingerprints.
Researchers have found two security flaws in the fingerprint recognition systems of many Android devices. These flaws can be used to create a fake fingerprint that can be used to unlock the device.
Two essential things are required to complete this attack: a device and at least 40 minutes of continuous access to the phone. Although it may seem like a long shot, this attack makes lost or stolen phones an obvious target for attack.
The BrutePrint attack uses a fingerprint database, and the circuit boards run a direct lookup against the technical database to unlock the device.
The research team tested this method on eight different MAS devices, including Xiaomi Mi 11 Ultra, Vivo X60 Pro, OnePlus 7 Pro, Oppo Reno Ace, Samsung Galaxy S10+, OnePlus 5T, Huawei Mate 30 Pro 5G, and Huawei P40.
The researchers concluded that the time required to unlock each phone was different. Depending on various factors, such as the number of digits stored on each device for authentication and the security framework used on the particular phone, it takes anywhere from 40 minutes to 14 hours to unlock the device.
In this case, it was the Samsung Galaxy S10 Plus that took the least time (from 0.73 to 2.9 hours), and the Xiaomi Mi 11 the most (from 2.78 to 13.89 hours).
Interestingly, the research team also tested devices running the iOS operating system, specifically iPhone models with the touch id feature. iPhone SE and iPhone 7 models were tested and found that neither can be hacked using this method.