AT commands attack: Android devices from 11 vendors are vulnerable to this attack
A group of security researchers has discovered that Android smartphones from 11 OEMs are vulnerable to hacking attacks from AT commands. This means that millions of Android devices out there are under the threat of AT commands attacks.
AT commands also known as Attention commands, were originally designed in the early 80s for controlling modems. However, this command is still in use in most modern smartphones to support telephony functions.
Although some AT commands have been standardized by regulatory and industry bodies, they have also been used by smartphone manufacturers and operating system designers to access and control device functionality in proprietary ways. According to the researchers, all the commands could allow an attacker to gain access to the device via the USB interface.
In order to find out the impact of AT command exploits, the researchers analyzed a range of smartphones from different vendors. They took over 2,000 Android smartphone firmware images across 11 vendors to build a database of 3,500 commands. They then executed these commands across 8 smartphones from 4 different manufacturers via USB connections.
The researchers found that there were different attacks using AT commands, including firmware flashing, Android security mechanism bypassing by making calls via USB, unlocking screens, injecting touch events, exfiltrating sensitive data, etc.
To exploit this vulnerability, all the attacker needs to do is hide the malicious content in any charging station, chargers or USB docks. Once the target phones are connected with the USB, the attacker can encroach the device and exploit the device AT commands for malicious activities.
Some of the OEMs vulnerable to AT command attacks are Samsung, Google, Motorola, LG, ASUS, Huawei, HTC, Sony, Lenovo, LineageOS, and ZTE.
The research team has notified the vendors about the security flaw and also have provided a list of phone models and firmware versions that are vulnerable to AT commands threat. “We have notified each vendor of any relevant findings and have worked with their security team to address the issues,” the researchers state in the paper.
In this study, the researchers have used Android smartphones as the subject to find out the impact of AT command attacks via USB interface on such devices. The researchers also have plans to carry out a similar study on Apple devices in the future and explore possibilities of AT command attacks through other modes of connection such as Bluetooth and Wi-Fi.
The study was carried out by researchers from the University of Florida, Stony Brook University, and Samsung Research America. The researchers presented details of their findings in a paper included in the Proceedings of the 27th USENIX Security Symposium.