A research team from the Georgia Institute of Technology says it has discovered a keyboard keylogger attack that can be done through a compromised iPhone.
The attack relies on exploiting the iPhone accelerometer technology.
“The accelerometer helps you figure out the orientation of the device,” says Patrick Traynor, assistant professor in Georgia Tech’s School of Computer Science. “It will adjust what’s in the screen and you can use it to turn your phone to play games.”
The Georgia Tech researchers have found a way to exploit the accelerometer to capture keystroke data on a nearby computer keyboard if the iPhone is positioned within a few inches of it. Traynor says the same type of attack could be used by exploiting other types of smartphones as well, such as Android, and the attack is more successful as manufacturers improve and refine accelerometer technologies.
The results of the research were presented at the ACM Conference on Computer and Communications Security in Chicago Tuesday.
“All of our experiments were on the iPhone,” says Traynor. The attack methodology relies on getting the victim to inadvertently install an iPhone app that is designed to collect this type of keyboard keylogger data, or have the function included in another type of app doing something like playing a game.
When the iPhone is positioned within a few inches of a computer keyboard, it can kinetically capture the keyboard’s physical vibration. The attack method has so far shown an 80 percent success rate, says Traynor. “Every time you touch a key you create a physical vibration and it’s recorded by the accelerometer in the phone.”
The experiments done with the iPhone 3GS did not test out too well, but the iPhone 4 was far more likely to give positive results in terms of keyboard logging capture. “It was much better with the iPhone 4,” says Traynor.
There’s enough memory in smartphones today to capture a lot of keyboard keylogger data, which can then be sent off to the Georgia Tech researchers for analysis in programs they’ve written, he points out.
The Georgia Tech research is not necessarily simple to do but it’s a proof of concept to show how the smartphone accelerometer technologies can be exploited, says Traynor. If anyone is concerned that others may be trying something similar, they can simply move their smartphone at least half a foot away from their keyboard, he notes, or store it elsewhere.
He said the research was done to learn more about possible security weaknesses in the accelerometer, just as similar research has been done into security issues that might arise due to cameras and microphones in mobile devices. It doesn’t require the iPhone to be “jail-broken,” he notes. “We just want people to take a realistic look at this,” so that mobile-device manufacturers and end users can be aware of the issue for the future that could grow in importance as accelerometer technologies improve over time.