Repairing the screen in an unofficial center can be a cheap solution but it also represents a risky choice for the security of the phone
When we break the screen of the smartphone our first thought is the cost necessary to repair it. Yet when we take the display to be repaired we must also pay attention to computer security. Thanks to an advanced technique, malicious people can spy on us by tampering with the device.
The researchers of Ben-Gurion University of the Negev, in Israel, discovered this illegal technique. According to the study, carried out by experts ahead of the Usenix 2017 conference, many unofficial replacement components, such as the screen, microphone and other parts of smartphones, actually contain hardware that can disable certain functions if necessary or constantly spy on what we do with the phone. Obviously without us noticing anything. In this way, the malicious people who have repaired the device can record our passwords and the credentials of our bank accounts.
Beware of repairs
From a first analysis, this technique has been used not only to spy on users but also to install applications and files on smartphones and tablets without the owner's will. So as to favor groups of cyber criminals with paid ads and Internet traffic. Researchers have struggled to find smartphones with malicious replaced parts. Because the hardware installed during the repair cannot be traced by normal antivirus software. The advice to avoid these privacy-related problems is to turn exclusively to official service centers. But, especially in a universe as vast as Android, it's easier to find a third-party repair center than an official one. To give an idea of the possible scope of such attacks, Israeli researchers have compiled the numbers of damaged displays worldwide. Nearly 50% of mobile users have broken the screen at least once, and only 20% of them decided not to repair the damage.
How to defend yourself
According to experts, the most effective way to defend against such attacks is to install anti-spyware hardware on the phone before taking it in for service. Finally, it should be remembered that the risk of malicious repairs affects both Android and iPhone smartphones.