Analysis of GhostTouch Attack

Posted on by Targeted Tech Talk
Estimated read time 3 min read

This article is also now available as a full video, click the link below to open the video in a new tab:

GhostTouch is a term introduced by security researchers who developed a proof of concept of remote touch screen exploitation using electromagnetic interference.

Researchers created electromagnetic interference by using a signal generator and an antenna in close proximity to a touch screen device. The front end of a touch screen device contains an analog sensor and this device is spoofed by the electromagnetic interference into thinking the interference is a real touch.

This type of exploit could be used in several ways including:

  • Implanting malware
  • Interference with calls and texts
  • Malicious connections that could allow remote access
  • Deleting information
  • Leaving false information

I believe this type of attack is used at a longer range against targeted individuals based on several reports. This fits in with a pattern of electromagnetic based attacks for several reasons:

  • It is an unconventional attack vector. Most people would assume it is something like Wi-Fi.
  • The effect is localized. Leaving a small signature targeting the device.
  • The attack blends in. It uses 120 Hz. Standard electrical wiring generates 60 Hz and some electrical components and devices generate 120 Hz (second harmonic) as part of their normal behavior. So the 120 Hz attack is indistinguishable from background noise.

So what can you do to defend yourself from this type of attack?

  • Awareness. This type of attack is now documented and understood, you don’t have to second guess the cause.
  • Identify Your Touch Screen Devices. This could include your phone, tablets, touch screen house controls or car systems.
  • Use Shielding. If you would like to protect your devices from this attack, the most useful techniques would be faraday shielding and grounding the device. You may wish to use Faraday bags for your phones and tablets when not in use. For other devices you may be able to create a removable faraday cover by using Velcro adhesive to cover the device when not in use. (could be constructed by cutting a Faraday bag to fit the screen, and then attaching Velcro to make it easy to remove when you need access to the screen.
  • Use alternatives. In some situations you may be able to use an alternative to a touch screen device. An example may be using a traditional alarm clock instead of your phone for alarms, etc.

References:

USENIX Security ’22 – GhostTouch: Targeted Attacks on Touchscreens without Physical Touch https://youtu.be/z9BwGDX-YYQ

image is creative commons public domain. source: https://picryl.com/media/iphone-smartphone-apps-computer-communication-6c10b6

targetedtechtalk@protonmail.com

Avatar for Targeted Tech Talk
Targeted Tech Talk https://www.targetedtechtalk.com

You May Also Like

More From Author