Hackers can bypass smartphone security, even something as complex as a fingerprint, in the blink of an eye. A cheap device allows you to recreate fingerprints and unlock a seemingly secure phone.
Security researchers have discovered a new way to bypass the protection of a smartphone that hackers drool over. We are talking about the possibility of hacking the fingerprint sensor, which protects a huge number of phones. Plus, it can be done inexpensively.
Hackers hacked smartphone - fake fingerprints
The authors of the new method call the technique BrutePrint, from brute force and a fingerprint. This is supposed to be reminiscent of the similar concept of brute-forcing pins - that is, entering codes one by one until you finally get the right one.
The method works as follows. First, the attacker needs to stock up on integrated circuits worth about $15. The electronics consists of a fingerprint generation device and a control system. The last requirement is access to the fingerprint database - they are available on the Internet, from research or data leaks.
BrutePrint uses one of the security vulnerabilities to get an infinite number of “finger unlock” attempts. Fingerprint security also works a little differently than a password. Our secret code must match in nature, and the fingerprint must be very similar, but not identical.
Nearly all the phones tested ended up succumbing to the researchers’ tests. They tested smartphones such as Xiaomi Mi 11 Ultra, vivo X60 Pro, OnePlus 7 Pro, OPPO Reno Ace, Samsung Galaxy S10 Plus, OnePlus 5T, HUAWEI Mate 30 Pro 5G, HUAWEI P40, Apple iPhone SE and Apple iPhone 7.
Fingerprint phone lock - it can be hacked in 40 minutes
Scientists managed to crack the fastest fingerprint in just 40 minutes. Bypassing the system in less than a school hour is a rather disturbing concept. However, it should be recognized that the effectiveness of the method varied depending on the phone.
The Samsung Galaxy S10 Plus fared the worst, with multiple attempts ranging from 0.7 to 2.9 hours. Xiaomi Mi 11 resisted the longest - in this case, it took from 2.8 to almost 14 hours to crack the protection.
Interestingly, the iPhones resisted the attacks. The researchers speculate that this is because Apple iOS encrypts fingerprint data, which Android phones do not. This makes it impossible to match random fingerprints.
Source: Wprost
I am George Brown, author at Daily News Hack. I mostly cover economy news and I have been doing this for quite some time now. I have a lot of experience in this field and I’m always looking for new opportunities to learn more.
