BEWARE PUBLIC MOBILE CHARGING POINTS – YOUR PHONE CAN BE HACKED IN MINUTES

1
BEWARE PUBLIC MOBILE CHARGING POINTS
YOUR PHONE CAN BE HACKED IN MINUTES
Your smartphone will be easily hacked easily if
you plug it in to charge via USB at a public
place like a Train, restaurant or on public
transport. Some conditions, like a completely
charged battery, facilitate a fast and accurate
penetration, whereas others, such as tapping the
screen while a page is loading, reduce hackers
ability to determine what website is
being viewed. The vital finding from the study is
that such an attack is carried out successfully,
researchers said.
In the study, the slower, less accurate attempts
at penetration were still accurate at intervals
six seconds about the time. Although this was an
early study of power use signatures, its
terribly likely that data besides browsing
activity may also be stolen via this side
channel, said Gasti. Since public USB charging
stations are so widely used, people have to be
compelled to be aware that there can be security
problems with them. for example, informed users
may choose not to browse the net while charging,
he said.
2

• Researchers at security firm Kaspersky Labs found
  that they may install a third-party application,
  sort of a virus, onto the phone via its USB cable
  connected to a pc. It took them below 3 minutes.
• They also found that the Android and iOS phones
  tested leaked a bunch of personal information to
  the pc they were connected to while charging, as
  well as the device name, device type, device
  manufacturer, serial number and even a list of
  files.
• Its well known that public Wi-Fi connections are
  a security risk, as this iPhone-crashing bug
  showed, however USB connections to PCs are also a
  significant vulnerability. this idea was
  projected by hackers as a theory in 2014 but
  never proven. This new analysis shows this
  vulnerability remains open.
• The effective power string of Arabic text would
  crash a friends iPhone if they were sent it in
  May 2015
• A prank website crashsafari.com crashed iPhones
  and influence other phones and devices in
  January 2016
• Many iPhone half-dozen users who had their
  touchscreens replaced by third parties are hit
  by the Error 53 message that disables an iPhone
  if touch ID has been tampered with
• Changing the date to January 1, 1970, on iPhone
  5s and later renders the iPhone useless when it
  is rebooted
• Apple released an emergency update to its
  software in August 2016
• after the most refined spyware ever seen was
  used to try and attempt to break into the phone
  of an Arab activist
• The security risks here are obvious if youre a
  daily user, youll be tracked through your
  device IDs your phone could be silently filled
  with anything
• from adware to ransomware. And, if youre a
  decision-maker in a huge
• company, you may easily become the target of
  skilled hackers, said Alexey Komarov, a
  researcher at Kaspersky laboratory.
• And you dont even have to be highly skilled in
  order to perform such attacks, all the
  information you wish will easily be found on the
  web.

3

• Hackers have already exploited this connection
  in 2013, Italian hacker s called The Hacking
  Team were ready to infect a phone with malware
  through a pc connection.
• They premeditated the attack based on the device
  model of the victim, that the hackers managed to
  induce through the USB-connected pc. That
• wouldnt have been as straightforward to achieve
  if smartphones did not automatically exchange
  data with a computer upon connecting to the USB
• port, Kaspersky Labs said.
• How to shield yourself
• Only plug your phone into trustworthy computers,
  using trusted USB cables
• Protect your mobile with a password, or with
  another methodology like fingerprint
  recognition, and dont unlock it while charging.
• Use apps which are encrypted like WhatsApp and
  iMessage to communicate
• Antiviruses may be a bore however, they assist
  to detect malware even if a charging
  vulnerability is employed.
• Update your mobile operating system to the most
  recent version, as that may have the most
  up-to-date bug fixes.