Experts: Hackers can find out your personal info from your smartphone battery
By Edsel Cook // Aug 28, 2018

We have yet another reason to be paranoid about our smartphones. This time, it is because of the battery. In an article in The Daily Mail, security experts warned that hackers can discover everything you browse and do on your phone by analyzing the power levels of your battery.

Brighteon.TV

A joint team of American and Israeli researchers demonstrated this sinister capacity by putting a micro-controller inside the battery of a smartphone. The tiny device kept track of the power used by the device.

The data was given to an artificial intelligence (AI), which compared the power flows with certain actions such as keystrokes.

With this technique, hackers could figure out your passwords and the websites you visit the most. They can also learn about the last time you took a photo with your camera or your most recent call you placed.

This hacking method does need the smartphone to be in active use. It also depends on the device being powered by the compromised battery instead of an external power source. (Related: “Tamper-proof” cryptocurrency wallet just backdoored by a 15-year-old self-taught programmer.)

"Poisoned" battery lets hackers know about your smartphone activities

In a recently-presented paper called "Power to Peep-all: Inference Attacks by Malicious Batteries on Mobile Devices," the researchers warned about this hacking threat. The technique is similar to the means by which smart batteries track your phone's power consumption.

Smart batteries keep an eye on the amount of power used by apps and features on the smartphone. They use this data to manage power use, maximizing battery life while ensuring the phone remains responsive.

These batteries are becoming prevalent in the latest smartphones. Now it turns out that hackers can use a similar technique to record the user's activities on the phone.

At the time of the presentation, the researchers admit that there has been no case of such an attack in real life. Hackers need to get their hands on the smartphone in order to replace the standard battery with a "poisoned" unit that contained the micro-controller.

Still, it would not take a suspiciously long time for the switch to be made. The exchange could be performed at any time or place. The researchers cited supply chains, repair stores, and airport security inspections as some of the likeliest places and opportunities.

Furthermore, this method has several advantages over other means of hacking. The microcontroller does not alter the software, so it leaves no hints regarding its presence.

It can keep an eye on the phone's activity without any need to put physical probes in the power charging cable or hacking the network. And the only intrusive alteration of the hardware is the replacement of the battery.

Functions like the camera, an app, or the web browser consume different amounts of power. Hackers can create a detailed log of smartphone activities based on the power usage recorded by the compromised battery.

AI can use battery usage data to figure out your username and password

The researchers also said that software keyboard strokes used a different amount of power from other screen touches. They showed how an AI could tell them apart and identify the particular keystroke on the soft keyboard.

In their experiment, they tested the technique on a Huawei Mate 9 unit and a Samsung Galaxy Note 4 smartphone. They reported tracking and identifying keystrokes made on the Huawei phone's built-in GBoard keyboard and the third-party SwiftKey keyboard.

They were able to pull off the same attack on the Samsung phone's default Samsung keyboard. If combined with battery usage data that indicates the use of a web browser, the hacker can figure out which keystrokes are part of a username or password.

Learn more about devices and methods that are stealing your information at Computing.news.

Sources include:

DailyMail.co.uk

PETSymposium.org [PDF]



Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.