A simple smartphone hacking measure is to 'restart'

Regarding hacking to smartphones, which has been increasing in recent years, the Associated Press reported that 'restarting smartphones is effective as a countermeasure against hacking.'

Turn off, turn on: Simple step can thwart top phone hackers


The reason why restarting is effective as a countermeasure against hacking of smartphones is that in recent hacking, the mainstream method is to exploit the 'zero-click vulnerability' that allows malware to be installed without any user operation. According to AP communications, hacking so far has been mainly persistent attacks such as installing malicious software on the root file system , but in recent years Apple and Google have secured security to block malware in the core operating system of smartphones. Since it was incorporated, it is becoming difficult to make a permanent attack. From this background, there is a shift from the hack that 'the effect lasts instead of the high difficulty' to the hack that 'the effect disappears when restarted instead of the low difficulty', and the representative of the latter is zero click. It's a method of exploiting vulnerabilities.

One example of a zero-click vulnerability was a vulnerability in iMessage on iOS 13.5.1 on the iPhone. If this vulnerability is exploited, it is possible to infect the targeted iPhone with malware without receiving suspicious messages or accessing dangerous URLs, and monitor celebrities and politicians around the world. It is known that the spyware ' Pegasus ', which has been talked about as being, used this vulnerability.

Journalists hacked by government for 'zero-click vulnerability' hidden in iPhone iMessage-GIGAZINE

The reason why attacks that exploit these zero-click vulnerabilities are nullified by rebooting is that the malware infection is 'in memory'. Attacks that exploit zero-click vulnerabilities have become difficult to break into core operating systems due to advances in security, but they are relatively easy to break into in memory and are rarely detected. Since the data in memory is wiped out by restarting the smartphone, restarting is effective for attacks that exploit these zero-click vulnerabilities.

Rebooting does not prevent the attack itself, but it is an act of 'increasing the burden on the attacker', and it is possible that all personal information such as passwords will be extracted with a single attack. However, the US National Security Agency (NSA) counts reboots as one of the measures in the ' Best Practices Guide for Mobile Device Security' published in 2020, and the Associated Press 'reboots once a week. It should be done. '

in Security, Posted by log1k_iy