More than 209 million results emerge when trying to search the phrase “phone unlocks itself” on Google. Even though many people attribute this to a security bug on their smartphones, experts say a GhostTouch attack could be causing the issue. 

GhostTouch is the newest screen hacking attack that allows criminals to hack a user’s phone remotely. In simple terms, attackers use electromagnetic signals to simulate primary touch events like taps and swipes on targeted locations of the touchscreen. The goal is to take remote control of a smartphone to manipulate it in potentially dangerous ways (accessing your data and passwords, accessing unsafe services, or installing malware).

“Unfortunately, the most common places for touchscreen hacking are public places like libraries, cafes, or conference lobbies, where people place their smartphones face-down on the table. The attackers prepare the equipment under the table in advance and launch the attack remotely. The user may not even notice that their gadget has been hacked,” says Adrianus Warmenhoven, a cybersecurity expert at NordVPN.  

How does screen hacking work?

According to academics from Zhejiang University (China) and the Technical University of Darmstadt (Germany), the attack uses “electromagnetic interference (EMI) to inject fake touch points into a touchscreen without the need to physically touch it.”

The attack works from a distance of up to 40 mm. and takes advantage of capacitive touchscreen sensitivity to EMI. Attackers can inject electromagnetic signals into the electrodes that are built into the touchscreen to register them as touch events (a tap, a swap, a press, or a hold).

The attack has been proven to work on nine smartphone models, including iPhone SE (2020), Samsung Galaxy S20 FE 5G, Redmi 8, and Nokia 7.2.

How to know if a user’s screen has been hacked

If a user’s screen has been hacked, it will start operating by itself. For example, it will start answering calls on the user’s behalf or unlocking itself. 

Another evident sign of a hacked phone is when it starts opening random URLs, logging in to the user’s bank account, opening files, playing a video, or typing in the search field without the user’s input.

Attackers may also try to establish a malicious connection to perform man-in-the-middle attacks or manipulate the phone with a Bluetooth mouse. So if a user notices some unusual Bluetooth or Wi-Fi connections — their phone is probably hacked.

How to protect yourself against touchscreen hacking

“You can protect yourself against touchscreen attacks in several ways, from adding more security to your phone to being more vigilant in public places. Don’t leave your phone unattended, and you will very much lessen the chances of it being hacked,” says Adrianus Warmenhoven, and provides cybersecurity tips that can help users keep their smartphones safe.

  • Add an extra layer of security. In addition to secure passwords, ensure you enable advanced measures like facial recognition, fingerprint, or a PIN for high-risk actions (like money transfers). Doing so will ensure that you can prevent significant financial losses even if you fall victim to touchscreen hacking.
  • Keep your phone’s operating system up to date. Updates provide essential security functions that could reduce the likelihood of an attack. They manage vulnerabilities and may even contain an additional feature specifically developed to protect your phone against such attacks.
  • Use anti-malware software. While using anti-malware software, like NordVPN’s Threat Protection, won’t prevent a GhostTouch attack, it will not allow criminals to install malware into your device if they do get control of your gadget.  

Source: NordVPN