Title: BEWARE PUBLIC MOBILE CHARGING POINTS – YOUR PHONE CAN BE HACKED IN MINUTES
1BEWARE PUBLIC MOBILE CHARGING POINTS
YOUR PHONE CAN BE HACKED IN MINUTES
Your smartphone will be easily hacked easily if
you plug it in to charge via USB at a public
place like a Train, restaurant or on public
transport. Some conditions, like a completely
charged battery, facilitate a fast and accurate
penetration, whereas others, such as tapping the
screen while a page is loading, reduce hackers
ability to determine what website is
being viewed. The vital finding from the study is
that such an attack is carried out successfully,
researchers said.
In the study, the slower, less accurate attempts
at penetration were still accurate at intervals
six seconds about the time. Although this was an
early study of power use signatures, its
terribly likely that data besides browsing
activity may also be stolen via this side
channel, said Gasti. Since public USB charging
stations are so widely used, people have to be
compelled to be aware that there can be security
problems with them. for example, informed users
may choose not to browse the net while charging,
he said.
2- Researchers at security firm Kaspersky Labs found
that they may install a third-party application,
sort of a virus, onto the phone via its USB cable
connected to a pc. It took them below 3 minutes. - They also found that the Android and iOS phones
tested leaked a bunch of personal information to
the pc they were connected to while charging, as
well as the device name, device type, device
manufacturer, serial number and even a list of
files. - Its well known that public Wi-Fi connections are
a security risk, as this iPhone-crashing bug
showed, however USB connections to PCs are also a
significant vulnerability. this idea was
projected by hackers as a theory in 2014 but
never proven. This new analysis shows this
vulnerability remains open. - The effective power string of Arabic text would
crash a friends iPhone if they were sent it in
May 2015 - A prank website crashsafari.com crashed iPhones
and influence other phones and devices in
January 2016 - Many iPhone half-dozen users who had their
touchscreens replaced by third parties are hit
by the Error 53 message that disables an iPhone
if touch ID has been tampered with - Changing the date to January 1, 1970, on iPhone
5s and later renders the iPhone useless when it
is rebooted - Apple released an emergency update to its
software in August 2016 - after the most refined spyware ever seen was
used to try and attempt to break into the phone
of an Arab activist - The security risks here are obvious if youre a
daily user, youll be tracked through your
device IDs your phone could be silently filled
with anything - from adware to ransomware. And, if youre a
decision-maker in a huge - company, you may easily become the target of
skilled hackers, said Alexey Komarov, a
researcher at Kaspersky laboratory. - And you dont even have to be highly skilled in
order to perform such attacks, all the
information you wish will easily be found on the
web.
3- Hackers have already exploited this connection
in 2013, Italian hacker s called The Hacking
Team were ready to infect a phone with malware
through a pc connection. - They premeditated the attack based on the device
model of the victim, that the hackers managed to
induce through the USB-connected pc. That - wouldnt have been as straightforward to achieve
if smartphones did not automatically exchange
data with a computer upon connecting to the USB - port, Kaspersky Labs said.
- How to shield yourself
- Only plug your phone into trustworthy computers,
using trusted USB cables - Protect your mobile with a password, or with
another methodology like fingerprint
recognition, and dont unlock it while charging. - Use apps which are encrypted like WhatsApp and
iMessage to communicate - Antiviruses may be a bore however, they assist
to detect malware even if a charging
vulnerability is employed. - Update your mobile operating system to the most
recent version, as that may have the most
up-to-date bug fixes.