Computer scientists from UC Davis have developed an Android app named TouchLogger that logs keystrokes by using a smartphone’s sensors to infer the locations a user taps on the touch screen.
Researchers have demonstrated that it is possible to log individual keystrokes entered on a smartphone’s on-screen keyboard using the device’s built-in accelerometer (also known as the gyroscope). The researchers were able to correlate the movements of the phone with individual keystrokes on an all-numeric keypad with an accuracy of about 70%. With minor refinements, the researchers believe they can expand the effectiveness of TouchLogger.
Applications like these are potentially dangerous because an application does not require special privileges to access the device’s accelerometer. Major smartphones, like Apple’s iPhone, RIM’s BlackBerry, etc., let a user define special permissions for applications to set their level of access. Usually, within these permissions, not much importance is given to those pertaining to the device’s movements.
The developers of TouchLogger created this application as a PoC to be presented at HotSec’11, San Francisco. A presentation video is available here (mp4), and the paper can be downloaded from here. A preliminary evaluation of the tool was done using an HTC Evo 4G smartphone.
The following table shows the distribution of inference results, which are evidence of the app being correct 70% of the time.
A less original, but rather more effective approach is taken by Android malware called GingerMaster. It uses a root exploit called GingerBreak to permanently compromise the smartphone. According to security researcher Xuxian Jiang, GingerMaster is the first piece of malware to deploy a root exploit for Android 2.3.3 “Gingerbread”. It is concealed in repackaged legitimate apps and registers a receiver which will be notified when the smartphone has finished booting. Once installed, it then launches a background service.
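
The persistence pattern described above (a receiver notified at boot plus a background service, added to a repackaged legitimate app) is visible in the app's manifest. The following Python sketch is an added example, not code from the original article or the researchers; it compares a constructed original manifest with a constructed repackaged one and lists what was added. The package and component names are made up, and the manifests are assumed to be already decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME = f"{{{ANDROID_NS}}}name"
BOOT_ACTION = "android.intent.action.BOOT_COMPLETED"

# Constructed sample manifests; all package and component names are hypothetical.
ORIGINAL = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <activity android:name=".Main"/>
  </application>
</manifest>"""

REPACKAGED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application>
    <activity android:name=".Main"/>
    <receiver android:name="com.example.added.BootReceiver">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
    <service android:name="com.example.added.BackgroundService"/>
  </application>
</manifest>"""

def summarize(manifest_xml):
    """Return permissions, services and boot-time receivers declared in a manifest."""
    root = ET.fromstring(manifest_xml)
    perms = {p.get(NAME) for p in root.iter("uses-permission")}
    services = {s.get(NAME) for s in root.iter("service")}
    boot_receivers = {
        r.get(NAME) for r in root.iter("receiver")
        if any(a.get(NAME) == BOOT_ACTION for a in r.iter("action"))
    }
    return {"permissions": perms, "services": services, "boot_receivers": boot_receivers}

def added_components(original_xml, suspect_xml):
    """Report what the suspect manifest declares that the original does not."""
    before, after = summarize(original_xml), summarize(suspect_xml)
    return {key: sorted(after[key] - before[key]) for key in after}

def is_suspicious(diff):
    """Flag the pattern from the text: a new boot receiver plus a new service."""
    return bool(diff["boot_receivers"]) and bool(diff["services"])

if __name__ == "__main__":
    diff = added_components(ORIGINAL, REPACKAGED)
    for key, values in diff.items():
        print(f"{key}: {values}")
    print("flag:", is_suspicious(diff))
```

A flag here is a triage signal only: many legitimate apps start at boot, so the useful evidence is that the components are absent from the known-good build of the same package.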