A new study shows hackers can guess your password by spying on your phone's motion sensors with very high success rates

Apr 12, 2017 22:39 GMT

A new way hackers can get into your phone, even when it is protected by PINs and passwords, is by spying on the motion sensors in your device.

According to a team of cyber researchers from Britain's Newcastle University, it's quite easy to steal a four-digit PIN by analyzing the way you tilt your phone and the way it moves as you type.

In tests of this theory, they were able to crack four-digit PINs on the first guess 70% of the time. Even better, or worse, depending on how you look at it, 100% of all PINs were guessed by the fifth attempt.

"Most smart phones, tablets, and other wearables are now equipped with a multitude of sensors, from the well-known GPS, camera and microphone to instruments such as the gyroscope, proximity, NFC, and rotation sensors and accelerometer. But because mobile apps and websites don't need to ask permission to access most of them, malicious programs can covertly 'listen in' on your sensor data and use it to discover a wide range of sensitive information about you such as phone call timing, physical activities and even your touch actions, PINs and passwords," explains Dr. Maryam Mehrnezhad, the lead author of the paper.

Deeper issues

An even more worrying finding is that, on some browsers, if you open a page hosting malicious code on your phone or tablet and then open your online banking account without closing the previous tab, criminals can spy on every personal detail you enter.

"And worse still, in some cases, unless you close them down completely, they can even spy on you when your phone is locked," they said.

A neural network was trained with data from people who actively use PINs for their various accounts. A JavaScript exploit was used to get access to the phone.

The vulnerabilities have been shared with tech companies and browser makers. Apple and Firefox have already issued patches for this issue, while Google is looking for a fix.