Skip to main content

Now you know Charging Phones In Public Is A Security Risk


Charging mobile devices using public sockets could be transmitting host of details, Kaspersky Lab warns
Mobile users have been warned that charging up their smartphones or tablets using public power sockets could expose their devices to criminals.


An investigation from Kaspersky Lab found that smartphones can even be compromised when charged using a standard USB connection connected to a computer.
Information including a device’s serial number, electronic chip ID and file system list can be revealed to third parties when such a service is used, meaning users could be unknowingly identified and even tracked.

At risk

image: http://www.techweekeurope.co.uk/wp-content/uploads/2016/05/shutterstock_137416073-600x400.jpg
charging phoneResearchers said both Android and iOS devices could be compromised when connected to a PC to charge, with the latter acting as an unwitting window into the user’s information.
Most of the data is transmitted during the handshake’ (a process of introduction between the device and the PC/Mac it is connected to), which can also include the device’s name, manufacturer and type.
In its investigation, the Kaspersky Lab team was able to show off the damaging effects a connection could bring, as they were able to re-flash a smartphone and silently install a root application on it, creating what they called “a total compromise” of the device.
“It is strange to see that nearly two years after the publication of a proof-of-concept demonstrating how a smartphone can be infected though the USB, the concept still works,” said Alexey Komarov, researcher at Kaspersky Lab.
“The security risks here are obvious: if you’re a regular user you can be tracked through your device IDs; your phone could be silently packed with anything from adware to ransomware; and, if you’re a decision-maker in a big company, you could easily become the target of professional hackers,.
“And you don’t even have to be highly-skilled in order to perform such attacks, all the information you need can easily be found on the Internet.”
The company is advising users to only trusted USB charging points and computers to charge a device, as well as setting up a password or fingerprint log-in using encryption technologies.

Comments

Post a Comment

Popular posts from this blog

Security Alert; Bart Ransomware Bypasses Corporate Firewalls

A new ransomware variant has emerged that’s similar to widespread threats such as Dridex 220 and Locky Affid=3, but uses a security-evading technique that may allow it to attack organisations protected from other malware, according to computer security researchers. Ransomware has spread quickly in the last few months, as a number of payouts have attracted cyber-criminals to the technique.
Post a Comment
Read more

Buhari Considers Hadiza Bala Usman As Head Of NPA

Nigerian Ports Authority (NPA) and the Minister of Transportation, Mr. Chibuike Amaechi, has submitted Ms. Hadiza Bala Usman’s name to President Muhammadu Buhari to take over as the new managing director of NPA, says Reporter.Should Buhari approve the recommendation, Ms. Bala Usman, 40, will become the first female chief executive of a top tier federal government agency and of the NPA. She shall take over from Alhaji Habib Abdullahi, who was reinstated by Buhari in August 2015 as the managing director of NPA, after he had been shown the exit by former President Goodluck Jonathan in April 2015.
Post a Comment
Read more

Yahoo Fails To Reveal Buyer, Suffers £332m Loss In Q2

Yahoo has failed to update investors on the sale of its core internet business as it revealed it suffered a £332 million loss in its second quarter. Instead, CEO Marissa Mayer said that “progress” has been made on its strategic alternatives but failed to define what that subjective term meant. Yahoo saw a rise in revenue to $1.3 billion (£1bn) in the second quarter, with mobile revenue growing from £252 million to $378 million (£287m).                  
Post a Comment
Read more