$200 robot hacks Android phone PIN in 20 hours

Wednesday, July 31, 2013
By OP Editor

Android phones will just sit there and let themselves get hacked by a robot, while the brute force robot attack doesn’t work on Apple iOS devices.

R2B2 robot hacks Android phone PIN

Security researchers Justin Engler and Paul Vines will demo the R2B2, or Robotic Reconfigurable Button Basher, at the Black Hat security conference taking place this week. Justin wrote that the robot controller source code will be published at DEFCON, “sometime around July 3, 2013.” But I think he meant August 3, 2013, as DEFCON is taking place August 1 to 4.

The $200 R2B2 robot punches in PIN code combinations until it unlocks an Android phone. The robot will also hack Android lock patterns in the near future. Here’s a quick twelve-second video showing the Android hacking robot in action:

And a longer time lapse video of the robot punching around 1200 PINs:

The exploit works on “every Android phone” the researchers tested, which most likely included Samsung Galaxy phones. However, it doesn’t work on the iOS lock screen PIN pad, because Apple uses better security by default. Forbes:

“Not all PIN-protected devices are susceptible to the R2B2’s brute force attack, Engler admits. Apple’s iOS, for instance, makes the user wait increasing lengths of time after each incorrect PIN guess. After just a handful of wrong answers, the phone can lock out a would-be hacker for hours before granting access to the PIN pad again.

But every Android phone that Engler and Vines tested was set by default to use a much less stringent safeguard, delaying the user just 30 seconds after every five guesses. At that rate, the robot can still guess five PINs every 35 seconds, or all 10,000 possibilities in 19 hours and 24 minutes.”
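To see how much the lockout policy matters, here is an added example (not from the article or the researchers' code) that models the worst-case time to try every PIN under the fixed 30-second delay described in the quote and under an escalating delay. The one-second entry time per guess (inferred from "five PINs every 35 seconds"), the escalating schedule and all function names are assumptions made for illustration, and the 6-digit case goes beyond what the article covers.

```python
"""Worst-case time to exhaust a PIN space under a lockout policy."""

GUESS_SECONDS = 1  # assumption: 5 guesses take 5 s, the other 30 s is the delay


def fixed_policy(failures):
    """Policy from the quoted passage: 30 s delay after every fifth wrong guess."""
    return 30 if failures % 5 == 0 else 0


def escalating_policy(failures):
    """Constructed schedule (not any vendor's real values): from the fifth
    failure on, the delay starts at 60 s and doubles, capped at one hour."""
    if failures < 5:
        return 0
    return min(60 * 2 ** min(failures - 5, 6), 3600)


def worst_case_seconds(pin_digits, policy, guess_seconds=GUESS_SECONDS):
    """Seconds until the last candidate PIN has been entered.

    The delay triggered by the final guess is not counted, because the
    whole space has been tried by then.
    """
    total_pins = 10 ** pin_digits
    elapsed = 0
    for failures in range(1, total_pins + 1):
        elapsed += guess_seconds
        if failures < total_pins:
            elapsed += policy(failures)
    return elapsed


def pretty(seconds):
    """Format a duration as whole hours and minutes."""
    hours, rem = divmod(seconds, 3600)
    return f"{hours} h {rem // 60} min"


if __name__ == "__main__":
    policies = (("fixed", fixed_policy), ("escalating", escalating_policy))
    for digits in (4, 6):
        for name, policy in policies:
            print(f"{digits}-digit PIN, {name} delay:",
                  pretty(worst_case_seconds(digits, policy)))
```

Under these assumptions the fixed delay leaves a 4-digit PIN exhaustible in under a day, while the capped escalating delay pushes the same search past a year.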

I wonder how long Samsung’s copy machine would take to copy this feature.


