News

Hackers Can Break Fingerprint Unlocking On Phones Within Hours

A team of cyber security researchers at Tencent Labs and Zhejiang University reveals that a potential method to “brute-force” fingerprints on Android devices.

According to that,if a hacker has physical access of the device and sufficient time, with the new technique they may be able to unlock the device.

MAL And CAMF

As per the reports, the two zeros vulnerabilities named Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL) which not only affect the Android devices but also affects Apple’s iOS and Huwaei’s HarmonyOS.

Though, the researchers were able to accomplish two goals by taking advantage of these weaknesses. First, they enabled an infinite number of fingerprint scanning attempts by getting around Android’s cap on attempts.

Second, they improved their attack startegy by utilising databases derived from academic datasets, biometric data leaks, and other sources.

How Does It Work

In order to carry out these attacks,the attackers needed a few essential components including an Android smartphones in their actual possession, enough time, and hardware that cost around $15.

In addition, the researchers named the attack as “Bruteprint” and claimed that it would take between 2.9 and 13.9 hours to compromise the security of a device with just one fingerprint registered.

On the other hand, devices that have multiple fingerprint records were discovered to be significantly simpler to compromise. With an average time of succesfull “brute-printing” ranging from 0.66 to 2.78 hours.

According to the Research by the team of researchers conducted an experiment on ten “popular smartphone models” including a few iOS devices. Whereas, the vulnerable models were not disclosed. But the researchers reported that they were able to bypass the attempt limit and perform unlimited tries on HarmonyOS and Android devices.

Which Phone Is Safer?

iOS is quite a safer device, as the hackers were only able to gain an additional tem attempts on iPhone SE and iPhone 7 model. Whi h depicts insufficient to successfully carry out the attack.

On the other hand, iOS may have potential vulnerabilities related to these flaws. The current method of brute-force entry is inadequate.

In conclusion, the researchers said that while this sort of attack may be not appealing to typical hackers. But, it could be interested for many people and law enforcement agencies.

Read more:

Voice Chat With ChatGPT On Android Phones: Here’s How

WhatsApp’s Exclusive Feature For iOS Users:Not For The Android Users

 

Sponsored
Senoria Khursheed

Leave a Comment
Share
Published by
Senoria Khursheed

Recent Posts

Pakistan Launches First National Sex Offenders Register to Combat Sexual Violence

Pakistan has taken a significant step towards addressing sexual violence and abuse with the introduction…

4 mins ago

SBP Chief Reports October Remittances Exceed $3 Billion

KARACHI: The State Bank of Pakistan (SBP) is anticipating $500 million from the Asian Development…

14 mins ago

Sindh Assembly Reveals 28,500 Govt Employees’ Spouses as Illegal BISP Beneficiaries

The Sindh Assembly was informed that over 28,500 employees of the provincial government were unlawfully…

1 hour ago

SBP Eases Policy Rate by 2.5% as Inflation Shows Steady Decline

The Monetary Policy Committee (MPC) of the State Bank of Pakistan decided to cut the…

1 hour ago

SECP to Host Pakistan Startup Summit in Karachi Next Week

The Securities and Exchange Commission of Pakistan (SECP) is organizing the Pakistan Startup Summit, which…

2 hours ago

Fake News by Pakistani AI Website Sparks Turmoil in Ireland

On October 31, 2024, Halloween was celebrated worldwide, and the holiday spirit still lingers. Pakistan…

2 hours ago