Android phone owner accidentally finds a way to bypass lock screen – BleepingComputer

David Schütz, a bug hunter, discovered a clever way to unlock any Google Pixel phone without a passcode — and the vulnerability may affect swaths of other Android phones as well.

According to a post on Schütz’s blog, the vulnerability is exploited by using another SIM card. First, a hacker with physical access to the phone would input three incorrect fingerprint scans, causing biometrics to be disabled.

From there, a hacker would remove the original SIM card and replace it with their own. They would then input the wrong PIN to unlock the foreign SIM.

This causes the phone to instead ask for the SIM’s PUK code, or Personal Unlocking Key, which the hacker would know since they’ve placed in their own SIM. When that’s inputted, the phone inexplicably unlocks to the home screen.

And this was no fluke: Schütz says he was able to replicate this multiple times, both on a fully updated Pixel 6 and an older Pixel 5.

“My hands started to shake at this point,” Schütz said in the post. “‘What the f**k? It unlocked itself?'”

Exit mobile version