"Touchscreens: Attack from the Charging Socket"

Researchers from TU Darmstadt and Zhejiang University in Hangzhou discovered that touchscreens on mobile devices can be attacked and manipulated via charging cables and power supply units. The researchers used charging cables and power adapters to launch attacks on capacitive touchscreens, revealing a new method of attacking mobile devices. They were able to create false touches, called "Ghost Touches," on multiple touchscreens and manipulate the device using them. The research team faced two challenges, with the first being to affect the capacitive touchscreens with a charging-only cable while avoiding hardware damage. Resistive filters are commonly used in electronic devices' circuits to ensure a stable power supply. Therefore, it was necessary to create an attack that would work even if a charging-only cable were being used without a data channel, which is commonly used in public places for privacy and security reasons. Second, in order to manipulate the device, the touch points had to be precisely controlled. This was required for malicious Bluetooth connections to be established, users to be tapped by a phone call, or malware to be received. In addition to the attack scenarios, the international research team's paper describes potential software and hardware-based countermeasures. A hardware-based functional tool can disrupt the common-mode attack signal, while software-based measures can be used to detect the altered capacity or to identify reliable charging stations, similar to the fingerprint mechanism. This article continues to discuss the team's demonstrated Ghost Touch attack on capacitive touchscreens. 

TU Darmstadt reports "Touchscreens: Attack from the Charging Socket"