Back to the top
Menu
Cart

Beware public mobile charging points - your phone can be hacked in minutes

Posted by Universal Store London on

Beware public mobile charging points - your phone can be hacked in minutes
By Madhumita Murgia / The Telegraph
Your smartphone can be easily hacked easily if you plug it in to charge via USB at a public place like an airport, cafe or on public transport.


Researchers at security firm Kaspersky Labs found that they could install a third-party application, like a virus, onto the phone via its USB cable connection to a computer. It took them under three minutes.

They also found that the Android and iOS phones tested leaked a host of private data to the computer they were connected to whilst charging, including the device name, device manufacturer, device type, serial number and even a list of files.

It's well known that public Wi-Fi connections are a security risk, as this iPhone-crashing bug showed, but USB connections to PCs are also a major vulnerability. This idea was proposed by hackers as a theory in 2014 but never proven. This new research shows this vulnerability is still open.

Beware public mobile charging points - your phone can be hacked in minutes

"The security risks here are obvious: if you’re a regular user, you can be tracked through your device IDs; your phone could be silently packed with anything from adware to ransomware. And, if you’re a decision-maker in a big company, you could easily become the target of professional hackers," said Alexey Komarov, researcher at Kaspersky Lab.

"And you don’t even have to be highly-skilled in order to perform such attacks, all the information you need can easily be found on the Internet."

Hackers have already exploited this connection: in 2013, Italian hackers known as "The Hacking Team" were able to infect a phone with malware through a computer connection.

They plotted the attack based on the device model of the victim, which the hackers managed to get through the USB-connected computer. "That would not have been as easy to achieve if smartphones did not automatically exchange data with a PC upon connecting to the USB port," Kaspersky Labs said. 

How to protect yourself

  1. Only plug your phone into trusted computers, using trusted USB cables
  2. Protect your mobile phone with a password, or with another method such as fingerprint recognition, and don’t unlock it while charging.
  3. Use encrypted apps like WhatsApp and iMessage to communicate
  4. Antiviruses can be a bore, but they help to detect malware even if a “charging” vulnerability is used.
  5. Update your mobile operating system to the most recent version, as that will have the most up-to-date bug fixes. 

Share this post



← Older Post Newer Post →


Leave a comment

Please note, comments must be approved before they are published.

Sale

Unavailable

Sold Out