Researchers operating out of the University of Florida, Stony Brook University and Samsung Research America have made a disturbing discovery. Millions of Android smartphones manufactured by eleven different OEMs (Original Equipment Manufacturers) were found to be vulnerable to attack via AT Commands.
If you’re not sure what an “AT Command” is, you’re not alone. Part of the Hayes Command Set, ATtention Commands were developed in the early 1980s and designed to be transmitted via phone lines to issue commands to modems.
Most people aren’t even aware of the fact that their high-tech smartphones contain a basic modem within them, which allows the high-tech wonder to connect to the internet. While AT Commands have been standardized, many vendors have added custom AT Commands to their devices, and unfortunately, these commands can control a surprising variety of advanced features including the built-in camera and the touchscreen interface.
The AT Commands can be accessed via the phone’s USB interface. This means that a would-be attacker would have to gain physical access to the device, or place a malicious component inside a user’s charger, charging station, or USB dock.
Once a hacker is connected in this manner to the victim’s phone, he could use one of the AT Commands to steal data, unlock the screen, mimic touchscreen events, or even rewrite the phone’s firmware.
The research team has complied a database of phone models and firmware versions that are vulnerable to this type of attack. They have contacted all the vendors, and are continuing their testing.
Initially, the team tested AT Commands via the USB interface. Phase two of the research will test to see if those commands can be issued via WiFi or Bluetooth connections. The team has also published the Shell script they used in their original testing, available on GitHub.
So far, none of the OEMs contacted have released any information or given a timetable for a fix.