February 20, 2013

How To Crack 4-Digit PIN On Android With Frost

Tilo Müller and Michael Spreitzenbarth did some very interesting research at Erlangen University in Germany: they unlocked a mobile phone using a so-called cold boot attack. The key observation on which the research is based is that RAM contents fade away more slowly if the RAM chips are cold.

In this paper, we aim at recovering valuable information from encrypted smartphones. Roughly speaking, we analyze the characteristics of the remanence effect on smartphones, prove that Android's boot sequence enables us to perform cold boot attacks, and show that valuable information can be retrieved from RAM. To this end, we present our recovery tool Frost (Forensic Recovery of Scrambled Telephones). Frost can be loaded to a smartphone after we got physical access to it, and without the need to have user privileges on it. We carry out our experiments exemplarily for Galaxy Nexus devices.

Detailed research description with pictures: FROST: Forensic Recovery Of Scrambled Telephones
Technical report: Forensic Recovery of Scrambled Telephones
Easy-to-read article in Forbes: "Frost" Attack Unlocks Android Phones' Data By Chilling Their Memory In A Freezer

Cracked 4-digit PIN

