The development of technology has brought more electronic devices into our lives. For example, a smartphone, a product that weighs less than half a catty, carries most of the applications in life. A single smartphone comes with payment platforms, photography, social media applications, entertainment, and basically all personal information will be stored in this small smartphone. However, a smartphone performs the function of a personal information centre. Thus, it is a regular target for folks with ulterior motives to try and steal user information. However, what about a “hardware Trojan”? Have you heard about it?
There are different ways of planting a Trojan horse virus into a smartphone. This can be done by developing a software with the Trojan or by sending a text message with a link to plant the Trojan horse into a smartphone. Malicious hackers do this to obtain the various data and behaviour habits of smartphone users.
Of course, this method of planting Trojans has been controlled effectively by continuously upgrading the system security. To this end, hackers now have another method of stealing information from users’ smartphones. Unfortunately, this new method is more powerful, more high-end, and also oriented towards equipment. It is not just about the smartphone, this is not easy to spot.
Hardware Trojan – what is this exactly?
This more powerful and high-end method is to directly package the Trojan into the chip. Alternatively, they can fix it on the circuit board. This virus is called a “hardware Trojan”. The purpose of this is to achieve the purpose of obtaining sensitive information. Since this operation is extremely concealed, it is very difficult to detect. Many countries and institutions are also studying how to find out whether a smartphone has a “hard Trojan”.
A team of researchers at a University in Missouri recently seems to have solved the problem. They created a test called PDNPulse, which is based on measuring the power consumption of printed circuit boards. The aim of this is to spot and find small changes in what the industry calls power consumption “fingerprint”. Of course, they did this while comparing with known secure devices. This method can find out if a device has a “hardware Trojan”.
How to detect a hardware Trojan
The team claims that modification of the chip inevitably affects the power consumption characteristics of the chip, no matter how small. In tests, the researchers were able to detect changes in the “hard trojan” on various circuit boards with 100 percent accuracy.
In layman’s terms, the power consumption of a device with a “hard Trojan” is higher than that of the same device without a “hardware Trojan”. This principle is also suitable for evaluating the “Trojan horse” of the software layer. When the power consumption of the device increases, it may be that strange software resides in the system, resulting in a shorter standby time.
Of course, it is still unknown whether this method is really accurate because there are many human factors. For example, in order to discredit a company, testers can install a “hardware Trojan” in it before testing. Therefore, the corresponding testing supervision also needs to be better. There should be an international standard otherwise, it will become a smear tool.
It is important to note the power consumption rate of your smartphones. Your smartphone could go missing for a few hours only for you to spot it later on. You may consider this to be lucky but it could just be that a hard Trojan now resides in the device.
WARNING: Sharing power bank can implant Trojan in your device
In order to protect our smartphones from Trojans, we must be careful about certain practices. One of these practices is sharing power banks. According to reports, sharing power banks could be a conduit for implanting Trojans into your smartphones. Once you insert your smartphone into the power bank, the device becomes vulnerable. At that point, it can steal your personal information including contacts, photos, videos, etc.
In this regard, 360 network security experts said that the safety of power banks should not be ignored. 360 network security experts claim that malicious power banks generally have two purposes. The first is to steal the information on the user’s mobile phone, such as photos, videos, phone numbers, text messages and other user privacy in the mobile phone.
The other is the implantation of Trojan horses or other malicious programs. Once the user’s mobile phone has a Trojan horse or malicious programs, it can steal the data in the user’s mobile phone for a long time in the future. It will also download malicious programs for advertising promotion, and even use the user’s mobile phone for other malicious behaviours. In addition, another kind of harm from the Trojan is particularly serious. This is because the hacker can control your smartphone at will.
How to prevent this Trojan
How can we prevent this danger? It is best to bring your own charging power bank at any time. If you really need to share the power bank due to an emergency, below is some expert advice
As we said earlier, the best way to prevent this danger is to completely avoid sharing power banks. However, if you must, then make sure you use regular public power banks from big brands. Avoid using power banks with unknown origins and niche brands.
Secondly, Android phone users should try not to open “developer mode”. This will make them more vulnerable to attack.
Thirdly, when using the shared power bank and other third-party devices, pay attention to the prompts on the mobile phone. If there are similar prompts such as “do you trust this device” on the mobile phone, you must be vigilant. Once you select “Yes”, the third-party device has the right to operate the mobile phone. This means that it can easily implant a Trojan horse into the device.
In addition, when buying power banks, you should also choose products from regular manufacturers. Do not choose products from fringe sources for the sake of affordability.