Screen hacking is a contactless attack during which hackers take remote control of your touchscreen. How can you know if your touchscreen has been hacked? Can attackers take control of your screen to access your passwords, apps, and files – and how can you prevent it? Read on to find out.
In a screen hacking attack, hackers use electromagnetic interference (EMI) to inject false touch points into a touchscreen remotely, without anyone needing to touch it.
It’s a new attack type, which researchers have called the “first active contactless attack against capacitive touchscreens.”
You may have heard the term “GhostTouch” – when your smartphone touchscreen presses random buttons on its own, without you doing anything. This term defines what happens when someone hacks a touchscreen device.
Attackers use electromagnetic signals to simulate primary touch events like taps and swipes on targeted locations of the touchscreen. The goal is to take remote control of your smartphone to manipulate it in potentially dangerous ways. These could include selecting buttons, accessing your data and passwords, establishing an unsafe Wi-Fi connection, accessing unsafe services, or installing malware.
In simple terms, attackers use electromagnetic interference (EMI) to make your smartphone perform various actions, without anyone needing to touch it.
The most common places for touchscreen hacking are public places like libraries, cafes, or conference lobbies, where people place their smartphones face-down on the table. The attackers prepare the equipment under the table to launch a remote attack.
According to academics from Zhejiang University and the Technical University of Darmstadt, the attack uses “electromagnetic interference (EMI) to inject fake touch points into a touchscreen without the need to physically touch it.”
The attack works from a distance of up to 40mm and takes advantage of capacitive touchscreen sensitivity to EMI. Attackers can inject electromagnetic signals into the electrodes that are built into the touchscreen to register them as touch events.
These events can be a tap, a swipe, or a more sophisticated press and hold. Here are some of the actions attackers may be able to perform once they've hacked into your touchscreen device:
The attack works on nine smartphone models, including Android and Apple devices.
Yes, hackers can control your touchscreen remotely during an EMI attack. They don't have to be nearby as long as the equipment is no more than 40mm away. For example, it could be under the table where your smartphone is lying face down.
If your screen has been hacked, it will start operating by itself. If you suspect your phone has been hacked, it's important to react immediately to prevent further damage. Here’s how you can tell if someone has gained control of your screen remotely:
Want to read more like this?
Get the latest news and tips from NordVPN.
You can protect yourself against touchscreen attacks in several ways, from adding more security to your phone to being more vigilant in public places.
Researchers recommend that smartphone manufacturers do more to secure smartphones against such attacks – like adding an EMI shield or improving operating systems with better detection algorithms.
As with many types of attacks, you can take several steps to protect yourself and prevent them from happening. Here are some tips on how to avoid a touchscreen attack:
Touchscreen hacking is a relatively new type of targeted attack. It's important to raise awareness to alert and encourage people to enhance their smartphone security.
While using a VPN won’t always prevent hacking attacks, it will encrypt your connection, enhancing your overall digital security and privacy. NordVPN also offers several advanced security features for staying safe online that can help prevent or reduce the likelihood of many types of cyberattacks.