A cell phones could be a treasure trove of information that could be used by hackers to steal credit card information and other sensitive data, a cyber security expert has warned.
The mobile phone is the most vulnerable electronic device to cyber crime, with the possibility that someone could intercept the data transmitted through the phone using an exploit, such as an embedded Trojan horse, or a specially crafted Trojan, he said.
An attacker could send the data to the right server and the phone would remain secure for months, but it could also be intercepted by someone else, or even a third party, according to the University of Queensland’s Matthew Hurd.
“If you’re a criminal or a spy, you might be able to do it in the blink of an eye,” he said on Tuesday.
He warned that the same vulnerability could also allow an attacker to steal data from a computer system, steal bank accounts, or otherwise gain access to the system.
In a paper published in the open-access journal Cybersecurity, Hurd and his colleagues said they had identified a way to bypass cell phone screens in mobile phones and devices such as a car, as well as a laptop and other laptops.
Hurd said the researchers had successfully cracked a smartphone screen on a laptop that had been stolen from a car and was in use by a driver for the company which owns the car.
They also demonstrated a vulnerability in an iPhone 5s and the iPhone 6, which is designed to use cellular data.
Using exploits to gain access can be done with an iPhone’s SIM card, Hudd said.
“There are vulnerabilities in the SIM card that allows you to do some interesting things with that SIM card,” he told AAP.
But it could take years before the devices were patched.
Instead, researchers suggested people could take steps to improve their mobile security and try to improve the device’s security to prevent future exploits, such an update to the device that locks a screen and restricts the use of that screen.
While a smartphone is unlikely to become an Internet-of-things platform for the majority of users, it could become a critical part of the cyber attack chain, Hidds said.
The authors also highlighted how hackers could use exploits to bypass cellular tower and network security and potentially gain access into a mobile phone network.
With more and more devices connected to the internet, Hids and his team warned, it is likely the world will be moving towards a world in which people will use the internet in a “cyber-physical” way rather than “cyberspace-physical”.
“We are seeing more and to a greater extent, the cyberphysical world is becoming a cyber-physical world,” he added.
More from the ABC: