We all like to think that our Android smartphones are secured the moment we apply some type of password to it. One of the most widely used types of passwords is the Pattern Lock system. Almost everyone nowadays uses this type of lock system, but what if we told you that your complex pattern lock can be easily cracked that too within five attempts?
According to research from Lancaster University, Northwest University in China, and the University of Bath, Germany, reveals that attackers can crack your pattern lock within five attempts by using video and computer algorithm software. The folks behind the research were able to unlock 95 percent of its test patterns within a five-attempt limit, the report said.
The research states that a hacker can covertly capture video of the victim drawing the pattern lock shape and then with the help of a computer vision algorithm, the attacker is able “to track the fingertip movements to infer the pattern.” So for example, if you are sitting at a pub or cafe, then an attacker can film you unlocking your device from a distance and then apply an algorithm to crack the pattern. “Using the geometry information extracted from the tracked fingertip motions, our approach is able to accurately identify a small number of (often one) candidate patterns to be tested by an adversary,” the report added.
What is more intruding is the fact that attack works without the video footage being able to see any of the screen content. The researchers note that the results are accurate on video recorded through a smartphone camera from up to two and a half metre distance and up to a nine-metre distance from a digital SLR camera.
Researchers carried out the test by using 120 unique patterns collected from different users. The researcher also noted that it was easier to crack all but one of the complex patterns as compared to the medium complex and simple pattern within the first attempt. This attack will enable the hackers to access the phone to “obtain sensitive data or would allow malware to be quickly installed on devices while their owners were distracted.”
This is not the first time that someone has revealed the vulnerability of a password-protected lock screen. Folks at The University of Texas at Austin in 2015 discovered a nasty bug that can grant anyone to access an Android phone with no software or coding involved. The researchers have said one can unlock a smartphone by creating a long string of characters just by copying and pasting on the phone app (Emergency Call).
Other than this, a new study by Kaspersky Lab said revealed a new type of Android malware, which uses Wi-Fi routers to access the sensitive information from the phones. The malware attacks the Wi-Fi network the user is connected to and gains access to the router by a brute-force password-guessing attack on router’s admin interface. The malware then changes the default DNS server configuration and one can get all the sensitive information from the smartphones connected to that network.This shows that despite being one of the most popular mobile operating systems in the world, the Android OS is prone to many security vulnerabilities and Android users should pay a close attention in order to make their smartphones safer.