Skip to main content

Now you know Charging Phones In Public Is A Security Risk


Charging mobile devices using public sockets could be transmitting host of details, Kaspersky Lab warns
Mobile users have been warned that charging up their smartphones or tablets using public power sockets could expose their devices to criminals.


An investigation from Kaspersky Lab found that smartphones can even be compromised when charged using a standard USB connection connected to a computer.
Information including a device’s serial number, electronic chip ID and file system list can be revealed to third parties when such a service is used, meaning users could be unknowingly identified and even tracked.

At risk

image: http://www.techweekeurope.co.uk/wp-content/uploads/2016/05/shutterstock_137416073-600x400.jpg
charging phoneResearchers said both Android and iOS devices could be compromised when connected to a PC to charge, with the latter acting as an unwitting window into the user’s information.
Most of the data is transmitted during the handshake’ (a process of introduction between the device and the PC/Mac it is connected to), which can also include the device’s name, manufacturer and type.
In its investigation, the Kaspersky Lab team was able to show off the damaging effects a connection could bring, as they were able to re-flash a smartphone and silently install a root application on it, creating what they called “a total compromise” of the device.
“It is strange to see that nearly two years after the publication of a proof-of-concept demonstrating how a smartphone can be infected though the USB, the concept still works,” said Alexey Komarov, researcher at Kaspersky Lab.
“The security risks here are obvious: if you’re a regular user you can be tracked through your device IDs; your phone could be silently packed with anything from adware to ransomware; and, if you’re a decision-maker in a big company, you could easily become the target of professional hackers,.
“And you don’t even have to be highly-skilled in order to perform such attacks, all the information you need can easily be found on the Internet.”
The company is advising users to only trusted USB charging points and computers to charge a device, as well as setting up a password or fingerprint log-in using encryption technologies.

Comments

Popular posts from this blog

US Demands Immediate End To South Sudan Fighting

The United States demanded an immediate end to renewed fighting in the capital of South Sudan on Sunday, ordering all non-essential personnel out of the troubled country. "The United States strongly condemns the latest outbreak of fighting in Juba today between forces aligned with President Salva Kiir Mayardit and those aligned with First Vice President Riek Machar Teny, including reports we have that civilian sites may have been attacked," State Department spokesman John Kirby said in a statement.

Canada Police Thwart Potential Attack,Suspect Shot Dead

Canadian police shot dead an alleged Islamic State sympathizer who was about to activate an explosive device in Ontario late on Wednesday, media reports said as police confirmed thwarting a “potential terror threat”. There was no immediate confirmation from Canada’s federal police that anyone had been shot, with a statement saying only that a suspect had been identified and that they had taken “action” after receiving “credible information” about a potential attack. “Earlier today, the RCMP received credible information of a potential terrorist threat. A suspect was identified and the proper course of action has been taken to ensure that there is no danger to the public’s safety,” the Royal Canadian Mounted Police (RCMP) said in a statement. They did not say where the incident took place. Media reports said the suspect was a 24-year-old man who had been arrested in 2015 for expressing support for the Islamic State group in postings on social media. He had been released in February ...

Lafarge Africa Posts N30bn Drop In Half-Year Profit

Lafarge Africa Plc, a leading cement and building solutions provider, yesterday announced a loss of N30.1 billion for the half year ended June 30, 2016, compared with a profit after tax of N27.3billion in the corresponding period of 2014.