Screen hacking: What is it, and how can you protect yourself?

In a screen hacking attack, hackers use electromagnetic interference (EMI) to inject false touch points into a touchscreen remotely, without anyone needing to touch it.

It’s a new attack type, which researchers have called the first active contactless attack against capacitive touchscreens.

A ghost touch refers to your device registering swipes and taps without you actually touching your screen. A common misconception is that this is something an attacker does. Not true. More often than not, ghost touches are a result of a device’s software issues or hardware, such as a cracked screen.

In simple terms, attackers use electromagnetic interference (EMI) to make your smartphone perform various actions without anyone needing to touch it.

The most common places for touchscreen hacking are public places like libraries, cafes, or conference lobbies, where people place their smartphones face-down on the table. The attackers prepare special equipment under the table to launch a remote attack.

According to academics from Zhejiang University and the Technical University of Darmstadt, the attack uses “electromagnetic interference (EMI) to inject fake touch points into a touchscreen without the need to physically touch it.”

The attack works from a distance of up to 40 mm and takes advantage of capacitive touchscreen sensitivity to EMI. Attackers can inject electromagnetic signals into the electrodes that are built into the touchscreen to register them as touch events.

These events can be a tap, a swipe, or a more sophisticated press and hold. Here are some of the actions attackers may be able to perform once they’ve hacked into your touchscreen device:

• Take control of your keyboard.
• Start typing into your browser.
• Open malicious programs or websites.
• Change privacy settings.
• Connect to malicious Wi-Fi.
• Install viruses or tracking programs.
• Watch videos with malicious pop-up ads.
• Access your data or details.
• Visit a page or site containing a virus.
• Access social media websites (e.g., Facebook).
• Click on spam links.
• Answer or make calls.

The attack works on nine smartphone models, including Android and Apple devices.

If your screen has been hacked, it will start operating by itself. If you suspect your phone has been hacked, it’s important to react immediately to prevent further damage. Here’s how you can tell if someone has gained control of your screen remotely:

• Your phone is answering calls on your behalf. If your phone is ringing and suddenly answers the call without you doing anything, this could mean someone else is controlling your touchscreen.
• Your phone unlocks itself. Touchscreen hackers can induce behaviors such as swiping and tapping. If your phone unlocks itself, it may indicate someone is controlling it remotely.
• Your phone starts to operate by itself. Touchscreen hackers can manipulate your touchscreen remotely. If you see your phone opening a URL, opening files, visiting sites, or typing in the search field without your input, someone has likely hacked into your touchscreen.
• You’ve noticed some unusual Bluetooth or Wi-Fi connections. Attackers may try to establish a malicious connection to perform man-in-the-middle attacks or manipulate the phone with a Bluetooth mouse.

You can protect yourself against touchscreen attacks in several ways, from adding more security to your phone to being more vigilant in public places. Here are some tips on how to avoid a touchscreen attack:

Strong locks

In addition to secure passwords, enable advanced measures like facial recognition, fingerprints, or a PIN for high-risk actions (like money transfers). Doing so will ensure that you can prevent significant financial losses even if you fall victim to touchscreen hacking.

Use 2FA

Two-factor authentication (2FA) provides a secondary layer of security. Even if someone could get into your device, 2FA would limit the potential damage because the attacker would have a hard time getting into your accounts.

Public places

Be mindful of your smartphone when enjoying a cup of coffee or attending a business conference. It’s not unusual to leave your phones lying face-down on the table, but it gives hackers the perfect opportunity to use their EMI hacking system to attack. Instead of putting your phone on the table, you’d better keep it out of sight.

Keep software up to date

Updates provide essential security functions that could reduce the likelihood of an attack. They manage vulnerabilities and may even contain an additional feature specifically developed to protect your phone against such attacks. Regularly check if your phone’s operating system has any updates.

Use NordVPN’s Threat Protection

Threat Protection is an advanced security feature that blocks malware, trackers, and ads. Using Threat Protection or Threat Protection Lite on your phone will help prevent hackers from opening harmful links online.

Touchscreen hacking is a relatively new type of targeted attack. It’s important to raise awareness to alert and encourage people to enhance their smartphone security.

While using a VPN won’t always prevent hacking attacks, it will encrypt your connection, enhancing your overall digital security and privacy. NordVPN also offers several advanced security features for staying safe online that can help prevent or reduce the likelihood of many types of cyberattacks.

Conclusion

Screen hacking is a dangerous attack that can give hackers almost complete control of your device. But it requires specific circumstances like sitting down at a table where hackers have installed an EMI device and placing your smartphone 4 cm (1.5 in.) from it. But it’s a poignant reminder that cybersecurity is always changing, with new attacks, such as screen hacking, continuously emerging. That’s why using various security measures, using a VPN on public networks, and staying aware of your surroundings is always important.