Skip to main content

Researchers hack Android phone using some clever software and oddly, a refrigerator

FROST NexusResearchers at the Erlangen University in Germany have come up with a system which could render private and even encrypted information stored on your Android smartphone available to hackers, regardless of whether it’s protected by a PIN code or complicated unlock gesture. It’s called a, “Cold boot attack,” and requires some special software, some patience and most importantly, a refrigerator.

The fridge is required to lower the temperature of the target Android phone. Once it has dropped below 10 degrees it’s quickly rebooted using a special technique which stops the phone reaching the unlock screen. With the phone in its fastboot mode, it’s attached using a USB connection to a computer and a new piece of software is flashed onto the phone.

This software, named FROST (which stands for Forensic Recovery of Scrambled Telephones), takes advantage of a phenomenon called Remanence, where previously accessed information sits about in the phone’s RAM for a few seconds just after it restarts. The freezing process has the effect of slowing down the data degradation to five or six seconds, which gives FROST enough time to grab the important parts before it’s all lost.

Personal data stored in RAM

So what can it find? Your PIN code for a start, which will provide complete access to the phone, or if that’s not possible the team has discovered lists of contacts, web browsing history and photos inside the RAM. Normally, all this information is wiped after the phone is unlocked, and versions of Android 4.0 Ice Cream Sandwich and later use a clever disk encryption feature which protects against hacks with circumnavigate the lock screen; but neither are effective against FROST.

While any hack can be used for malicious purposes, this is designed to aid law enforcement groups, providing them with a relatively easy way of recovering sensitive data from new smartphones. It’s demonstrated on a Galaxy Nexus, for which an image of FROST is available, although it will in theory work on most other Android phones. That said, Forbes points out certain data is only accessible if the bootloader is unlocked, and very few devices outside the Nexus range are sold this way.

As with any hack which threatens to expose some or all the personal information we store on our smartphones, FROST is a cause for concern. However, a hacker is going to have to be pretty keen to get at your data to use this attack, and turning off your phone more often should mean less information is stored in the RAM to discover. So just chill out.

Editors' Recommendations

Andy Boxall
Senior Mobile Writer
Andy is a Senior Writer at Digital Trends, where he concentrates on mobile technology, a subject he has written about for…
Android phones can now be used as a physical security key to your Google account
google android phone physical security key account

Worried about your digital security? Google has released a new way to get secure two-factor authentication that uses your phone as a kind of physical security key. In other words, if your phone has Android 7 or newer, you can use the physical device to log into Google apps and services on another device, without the need for a dongle.

To use the new feature, you will need to connect your phone to a computer through Bluetooth using the Chrome browser -- and Chrome will then use the phone to verify a login. The new tech will work for logging into Gmail, G Suite, Google Cloud, and any other Google service that uses the FIDO authentication standard.

Read more
How to use Your Phone app to transfer photos, send texts from your Android device
Microsoft Your Phone app

Do you ever email yourself a photo or screenshot to get it from your phone to your computer? Maybe you upload pictures to a service like Google Photos or Dropbox and then download them onto your PC. With Microsoft's Your Phone app, you can link your Android phone to your Windows PC or laptop directly and simply drag and drop photos or screenshots. The app also allows you to receive and send text messages from your phone on your computer. We'll show you how to set it up, what it can do, and where it falls short in this guide.
How to set up Microsoft's Your Phone
If you have a PC or laptop running Windows 10 April 2018 Update (Version 1803) or later, and an Android phone running Android 7.0 Nougat or later, then you can use Microsoft's Your Phone. Both devices must be connected to the same Wi-Fi network.

Note: Support for iOS is supposed to be coming, but there's no sign of it yet at the time of writing this guide. 

Read more
Hateful software kills our enthusiasm for newcomer Realme’s $155 Android phone
realme phone



Read more