By exploiting the fingerprint sensor, a BrutePrint attack may unlock Android phones.
If you are an Android user, be careful and, as far as possible, keep your work and banking details safe, because this news will give you pause.
A group of security experts has discovered a new technique to hijack an Android cell phone with only $15 in equipment. The researchers call it BrutePrint; it carries out a fingerprint brute-force attack and can unlock a phone in less than an hour.
The BrutePrint attack, as described by Yu Chen of Tencent and Yiling He of Zhejiang University, makes use of two zero-day vulnerabilities. The first is Cancel-After-Match-Fail (CAMF), which permits attempt restrictions to be bypassed, and the second is Match-After-Lock (MAL), which may be used to infer authentication outcomes.
The researchers can conduct the BrutePrint attack with physical access to the device and a $15 circuit board. The false acceptance rate is altered to boost the acceptance threshold for fingerprint matches.
The researchers also stated in their paper, which was published on arXiv.org, that the serial peripheral interface (SPI) of fingerprint sensors was inadequately protected, allowing them to mount man-in-the-middle (MITM) attacks to hijack fingerprint images.
The researchers tested eight Android devices (including the Galaxy S10+, OnePlus 7 Pro, and Mi 11 Ultra, to name a few) and were successful in unlocking all of them. The quickest to unlock took only 40 minutes.
They also tried BrutePrint on the iPhone SE and iPhone 7, but were unsuccessful. While the researchers determined that these devices were likewise vulnerable to CAMF, they were only able to boost the fingerprint attempt count to fifteen. Because iOS devices encrypt fingerprint data on the SPI, they are also immune to SPI MITM attacks.
Via: Android Authority