A new attack Inventory has been done by the Team of researchers in Germany they managed to grab stored cryptographic keys if the android device is at Frozen State for an Hour.
What this Method can do with Android Device?
- Bypasses Google’s data scrambling encryption system
- Reveal the phone’s hidden data
- Revealed previously scrambled data
- Including contact lists
- Browsing histories
That Team developed a software called FROST (Forensic Recovery of Scrambled Telephones) which transfer that data from the Phone for Analysis.
What is Abstract Saying?
“We present FROST, a tool set that supports the forensic recovery of scrambled telephones. To this end we perform cold boot attacks against Android smartphones and retrieve disk encryption keys from RAM. We show that cold boot attacks against Android phones are generally possible for the first time, and we perform our attacks practically against Galaxy Nexus devices from Samsung.”
“To break disk encryption, the boot loader must be unlocked before the attack because scrambled user partitions are wiped during unlocking. However, we show that cold boot attacks are more generic and allow to retrieve sensitive information, such as contact lists, visited web sites, and photos, directly from RAM, even though the boot loader is locked.“
Download FROST from here