Android trojan monitors phone movements to steal users’ info

Motion sensors used on your phones are being used by web attackers and hackers to steal sensitive information from your handset. Generally known as Taploggers, these malicious programs actually hide inside game apps. Usually, games that require users to match contents or similar looking images conceal these hazardous Taploggers. A similar program used by attackers last year was the Touchlogger. It seems that most Android handsets and also Windows 8 devices are vulnerable to such attacks. In fact, the malicious code also works on Blackberry’s operating system.Trojan attack on your phone

But how exactly does this whole mechanism work? Well, the main culprit are the motion sensors in your phone. The Trojan virus becomes familiar with the manner in which a user executes pitch, roll and azimuth on their devices. The style in which each user works across these three dimensions is not the same. So, the Taplogger works by marking the precise regions on either the dial pad or the screenlock that one tends to use the most. The trojan now becomes capable of mimicking the way each user works their way through the screen.

But how does this Trojan manage to study and then recreate user patterns of different people so accurately. Actually, the Trojan keeps a tight tab on the way one uses his phone. All the changes on orientation are recorded in real time. The trojan closely monitors usage whenever a person enters a code to unlock their screen, punches digits on the dialer to make a call or enters numbers during a call. The Taplogger mostly hides in game apps. It collects all the data about usage patterns while the user is playing games. The more you play, the better the Trojan becomes at making guesses.

There are other variables like background vibrations that come in the way of the trojan sourcing information from your phone. However, these are not powerful enough to prevent it from accessing a major chunk of information. So, even though the information provided to the attacker is not complete, it still helps to reduce drastically the number of guesses they have to make to get to any sensitive information like PIN numbers or social security codes. For instance, one has to ideally try out 10000 combinations to crack a four digit PIN number. But this Trojan will bring down the number of tries to just 81, drastically increasing the success rate of the attacker.

The Trojan actually goes through all readings returned to the phone’s built in accelerometer, orientation sensor and gyroscope. All these readings are then sent out to another computer that is controlled by the hackers. These readings can be easily uncovered by the Taplogger. Whenever a user taps on their phone, the exact coordinates are reported to the OS of your phone. The malicious program makes interpretations easily by matching these coordinates to the information a user is accessing on their screen. Thus, Taploggers is capable of uncovering sensitive information like passwords, PINs or social security numbers from your phone easily and the basic problem according to a PhD candidate Zhi Xu is that the sensing motion on most smartphones is currently unmanaged.

Via: Arstechnica

Today's Top Articles:

Scroll to Top