Scariest of all, the researchers claim these hazardous screens can be made to look identical to the real thing -- meaning even handset technicians may not be able to distinguish the difference. Furthermore, the entire process is file-less, allowing it to go undetected by anti-virus software.

This type of low-cost attack is known as the "chip-in-the-middle" scenario. To carry out their malicious tasks, the researchers used an Arduino platform running on an ATmega328 micro-controller module. They also used an STM32L432 micro-controller, adding that most other micro-controllers could also do the job. They then used a hot air blower to separate the touchscreen controller from the main assembly boards, in order to access its copper pads. Next, they soldered a copper wire to attach their chips to the device.

Although this set-up looks far from inconspicuous, the team claims a little more effort could easily hide the altered part within a reassembled device. It's not just Android phones that are at risk either. The paper also indicates that iPhones could fall prey to the same types of attacks.