“Frost” Attack Unlocks Android Phones’ Data By Chilling Their Memory In A Freezer

“Froze to death” is quite a heard and said phrase in English language. But “Froze to hack” is something which is about to hit the list very soon. One of the most ingenious plans to attack a system in order to sneak into the valuable information contained within the system is FROST (Forensic Recovery Of Scrambled Telephones) Attack . Researchers named Tilo Mueller and Michael Spreitzenbarth at the Erlangen University proved that one could retrieve secured and personal information from a Samsung Galaxy Nexus by cooling it down to five degrees Fahrenheit and immediately rebooting it.

This experiment was carried out back in 2008 on PCs but was never thrown as a challenge to the mobile devices. This time the researchers did challenge the Samsung Galaxy Nexus and showed that at a temperature of five degrees Fahrenheit, if one rapidly reboots the device, one can not only extract the data from the memory including the images, browsing history, emails etc but also, if one’s lucky enough, he can get an access to the key that can decrypt the encrypted part of the disk.

FROST Attack works on the principle of remanence which says that when the device is switched off, the RAM does not remove the information from the memory immediately. Instead the removal depends on the temperature of the RAM which in turn decides as to how long it would take for the memory to remove the information. According to Mueller, at a temperature of 30 degree Celsius, the information is lost in one or two seconds which implies that the cooler the memory gets the longer it takes to remove the data which gives one enough time to reboot the device and retrieve the information from the data pool of the memory.

As long as the key to the encrypted storage disk is concerned, if one is lucky enough to catch hold of it one can get easy access to the entire device. But that works only when the mobile phone has an unlocked bootloader. Whereas in case of Samsung Galaxy, they modified the phone in their latest version by locking the bootloader and automatically cleaning the user’s partition if the bootloader remains unlocked.

According to the researchers, if the phone isn’t switched off that frequently, one can expect retrieving rich amount of sensitive data from the phone like the entire address book, images, Wifi credentials and bits of text messages, emails, browsing history etc through FROST attack. They also emphasized on the fact that there aren’t any easy approaches to shield one’s phone from FROST attack. But some of the precautionary methods are switching off the phone and rebooting it frequently which leaves lesser amount of sensitive information in the memory.

So if you are convinced that just a PIN code or a pattern unlock is a technique enough to secure your phone, then Tech Entice merrily warns you that your conviction is likely to get cheated only by a mere functioning of a refrigerator. Isn’t that cool? Both metaphorically and literally?

Aurisha Sengupta is a Software Engineer. Apart from technology, she is an insatiable art lover and a perpetual student when it comes to knowledge in any form.