Unlock any Android smartphone with this fingerprint trick

by time news

2023-05-24 18:20:00

Researchers from Tencent Labs and Zhejiang University collaborated to develop a new technique known as “BrutePrint,” which enables the forced extraction of fingerprints from modern smartphones. This technique was recently shown to the public.

This approach bypasses user authentication and therefore provides unauthorized access to, and full control over, the target device.

By exploiting two zero-day vulnerabilities, the researchers in China were able to carry out brute-force attacks that bypass current smartphone security mechanisms, such as attempt limits and liveness detection, and so gain unauthorized access to accounts, systems, and networks.

The two zero-day vulnerabilities exploited are:

Cancel After Failed Match (CAMF)
Match-After-Lock (MAL)

In addition, the researchers found a potential weakness in the protection of the biometric data that fingerprint sensors transmit over the Serial Peripheral Interface (SPI).
To analyze the effectiveness of the BrutePrint and SPI MITM attacks, an extensive test was conducted on 10 popular smartphone models.

The findings showed that the attacks allowed an unlimited number of attempts on any Huawei device running Android or HarmonyOS; iOS devices, however, showed only a restricted vulnerability, allowing just 10 additional attempts.
The main idea of BrutePrint is to send an unlimited series of fingerprint image submissions to the target device. This process is repeated until a match to the user-defined fingerprint is found, with no restriction on the number of times it can be carried out.

An attacker can launch a BrutePrint attack on a target device by first gaining physical access to the device, then gaining access to a fingerprint database, and finally using equipment that costs around $15. This allows the attacker to manipulate the False Acceptance Rate (FAR) to increase the threshold for accepting fingerprint matches for easier unauthorized access.

By exploiting the CAMF issue, BrutePrint injects a checksum error into the fingerprint data. This bypasses security mechanisms and gives attackers the ability to try endless fingerprint matches on the smartphone without getting caught.

By exploiting the MAL vulnerability, attackers gain the ability to determine the authentication results of the fingerprint images they try on the target device, even when the device is in a “lockdown mode” operating state.
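
A simplified model of the attempt-limit weakness described above, as an added example that is not from the article or the researchers' work. It assumes the flaw is that an attempt ending in an error (such as a checksum error) is cancelled without being counted; all names and limits are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of a fingerprint attempt limiter; names and limits are
   assumptions for illustration, not Android or vendor code. */
enum outcome { MATCH, NO_MATCH, ACQ_ERROR };  /* ACQ_ERROR: e.g. checksum error */

#define MAX_FAILURES 5   /* failed matches allowed before lockout */
#define MAX_ERRORS   20  /* errored acquisitions allowed before lockout */

struct limiter { int failures; int errors; bool locked; };

/* Weak: only a completed NO_MATCH is counted, so an attempt that ends in an
   error is cancelled without ever touching the counter. */
bool submit_weak(struct limiter *l, enum outcome o) {
    if (l->locked) return false;
    if (o == MATCH) { l->failures = 0; return true; }
    if (o == NO_MATCH && ++l->failures >= MAX_FAILURES) l->locked = true;
    return false;
}

/* Hardened: every non-matching outcome is charged. Errors get their own,
   larger budget so a wet finger does not lock the owner out at once. */
bool submit_hardened(struct limiter *l, enum outcome o) {
    if (l->locked) return false;
    if (o == MATCH) { l->failures = l->errors = 0; return true; }
    if (o == NO_MATCH) l->failures++;
    else l->errors++;
    if (l->failures >= MAX_FAILURES || l->errors >= MAX_ERRORS) l->locked = true;
    return false;
}

/* Feeds the same outcome up to n times and returns how many attempts the
   limiter processed before it locked (n means it never locked). */
int attempts_before_lockout(bool (*submit)(struct limiter *, enum outcome),
                            enum outcome each, int n) {
    struct limiter l = {0, 0, false};
    int processed = 0;
    while (processed < n && !l.locked) { submit(&l, each); processed++; }
    return processed;
}

int main(void) {
    printf("weak, errored attempts:     %d\n", attempts_before_lockout(submit_weak, ACQ_ERROR, 1000));
    printf("hardened, errored attempts: %d\n", attempts_before_lockout(submit_hardened, ACQ_ERROR, 1000));
    return 0;
}
```

The separate error budget is a design trade-off: it keeps the counter bounded for errored attempts while tolerating the occasional genuine sensor read failure.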

The BrutePrint attack bypasses lockdown mode by exploiting a process known as MAL. It also makes use of a method known as “neural-style transfer” to change the fingerprint images in the database to more closely match the sensor scans taken by the target device. This increases the probability that the authentication will be successful.

After running a series of tests on a selection of 10 different mobile devices, the researchers found that every Android and iOS device they tested was susceptible to at least one of the vulnerabilities.
The researchers found that certain iPhone models are susceptible to CAMF, but because the number of fingerprint attempts is limited (up to 15), brute-forcing the owner’s fingerprint is impractical. In addition, the researchers found that all Android devices tested are susceptible to the SPI MITM attack, whereas iPhones are not: they encrypt fingerprint data on the SPI, rendering any interception ineffective.

BrutePrint may appear to be limited by the requirement for long-term access to the target device; however, its potential to allow thieves to unlock stolen devices and extract private data, as well as the ethical concerns and privacy rights implications for law enforcement during investigations, raise significant issues with respect to privacy violations and the rights and security of people in countries with a dominant political or economic position.

