Monday, 8 September 2025

Watch Your Phone: Novel USB-Based File Access Attacks Against Mobile Devices

Modern mobile OSs employ lock screens and user confirmation prompts to shield sensitive data from attackers with access to the device's USB port. In this talk, we present novel attacks and attack techniques that bypass both of these critical security mechanisms to gain USB-based file access on state-of-the-art mobile devices.

In the first part of this talk, we uncover the shortcomings of user confirmation prompts for USB file access in iOS and Android. We present novel attack techniques that allow a malicious USB charger to effectively establish a data connection and inject input events at the same time. We show a live demo of an end-to-end attack that uses this technique to bypass user confirmation prompts for USB file access virtually stealthily on a state-of-the-art Samsung phone.

In the second part of this talk, we present novel attacks against locked Android devices. These attacks exploit vulnerabilities in AOSP and vendor-specific Android variants to gain file access through USB. We show two live demos, one of which is an end-to-end attack that allows full read-write access to files on a locked Google Pixel running Android 14 or 15.

We conclude our presentation with a discussion of suitable mitigations for our novel attacks.

By:
Florian Draschbacher | PhD Student, Graz University of Technology
Lukas Maar | PhD Student, Graz University of Technology

Full Abstract and Presentation Materials: https://ift.tt/bWOafit

source https://www.youtube.com/watch?v=UYKet66vLsg
