Zero Click Attack

Shaker, Ahmed Mohamed Nader Fayrouz; Mohamed, Ahmed Magdy

doi:10.21608/iugrc.2021.245413

Zero Click Attack

Document Type : Original Article

Authors

¹ New Cairo academy, fifth settlement, Egypt.

² Electrical engineering department, Faculty of engineering, Suez Canal university, Egypt.+

³ Communication engineering department, New Cairo academy, Higher Institute of Engineering and Technology, New Cairo City, Egypt.

10.21608/iugrc.2021.245413

Abstract

Zero-click-attack is a new method that allows you to take control of devices and bypass security providers to get to the data servers for an organization or a group of people in the same area. This study aims to investigate and analyze how to do this attack, as well as the ways to protect the people and organizations from it. The research is based on a group of approaches that have previously been used to attack devices such as: evil twin attack, in addition to social engineering attacks and other ways to achieve the same thing, and also malware programs.
On the other side, the research examines how data providers can protect their users from such attacks, as well as the options available to ordinary users to avoid such attacks. There are two primary ways to carry out this attack; firstly, sending harmful payloads to a target's mobile phone over a cellular network by calling them or sending an empty SMS or MMS.
The Second method is to use social engineering to lure the target to an exploitations sites that will link the target's phone to many servers and send harmful messages or a malware application.
The results suggest that the attack may be performed to anyone who is unaware of how to secure his data, as well as data providers who are unfamiliar with how to improve their security defenses against such attacks which can be carried out in a variety of ways.

Keywords