Security expert says why he would never use a public phone chargerMay 3, 2023
I’m a cybersecurity expert – here’s why I would never charge my phone at a public USB port
- Using public charging stations can leave you vulnerable to hacking, experts say
- Criminals can corrupt chargers to clone your data and even access your camera
- Cyber security expert Adrianus Warmenhoven explains why he would never use a public station – and what you can do instead
Few of us would think twice about using a public charging station when our phone has run out of battery.
But experts are sounding the alarm over these types of devices as they can help hackers to download all of your data and even gain access to your camera to monitor you all day long.
The crime – known as ‘juice jacking’ – has become so prevalent that last month the FBI and the Federal Communications Commission (FCC) urged people to avoid using free charging stations – and always carry their own chargers instead.
And expert Andrianus Warmenhoven, who works for cybersecurity firm NordVPN, told Dailymail.com that he would never use a public station – no matter how desperately he needed to charge his phone.
Juice jacking is where a hacker is able to load malware onto the USB port or cable to these stations which are found in airports, train stations and shopping malls.
Experts are sounding the alarm over public phone charging stations which can give hackers access to your data and even your camera
Malware is a type of software designed to corrupt a computer system.
While your phone is charging, it is becoming infected with the malware which can clone your data – including all your credit card information, passwords, addresses and names – and transfer it back to the hacker’s device.
Criminals often take their victim’s data and sell it on the dark web – an underground, anonymous marketplace for fraudsters.
‘The problem with juice-jacking is that there are very few recorded cases of it,’ Warmenhoven told Dailymail.com.
‘That’s because most victims do not even know that it has happened to them.
‘Some will just find a few months down the line that money has gone missing from their account – and they’ll have no idea it was from the USB port they used.’
He added: ‘And it’s not just your data. In theory they could gain access to your camera and be monitoring you from there.’
Juice-jacking was a term first coined in 2011 after researchers created a compromised charging kiosk to raise awareness of the scam.
But historically it was less common as it was too sophisticated and expensive for a lot of hackers.
However hackers have become more brazen and have developed easier ways to carry out the attack.
A 2022 USB Threat report by Honeywell Forge found fraud cases relating to USB exploitation rose to 52% over four years.
Warmenhoven said: ‘We use our phones a lot more so we’re more reliant on public charging stations now.
Andrianus Warmenhoven, who works for NordVPN, told Dailymail.com that he would never use a public station
‘And you can now buy ready-made cables to carry out the attack. Even a technically inexperienced hacker could do it.’
Criminals can buy a Hack5 O.M.G adapter – which is able to compromise phone data – for as little as $7.
They could then very easily use it to replace a legitimate charging cable at a public station.
He adds that both the cable and the USB port carry risks.
‘You see these ‘charging lockers’ now on beaches and in tourist destinations. I would never use one.
‘Often they are manufactured by a third party. And it only takes one person in a factory to be bribed to corrupt the technology.’
He notes that people can buy USB data blockers for just a couple of dollars from most computer and homeware stores.
These devices look like thumb drives and plug directly into USB ports – acting as a shield between the port and device.
Alternatively, he advises bringing your own cable and plug and using an electricity-only plug socket or rely on a portable charging bank instead.
Tips to protect yourself from ‘juice-jacking’
Carry your own portable charger
Miniature public chargers can be bought for less than $10 while more robust versions typically cost around $20
Bring your own plug and cable – and use a traditional wall outlet
Regular plug sockets cannot be compromised so make sure to bring your own USB cable and plug so you can make use of a wall outlet
Consider buying a USB data blocker
This is a cheap and convenient way of allowing you to use public stations. These devices look like thumb drives and act as a shield between the wall and device. They can be bought for less than $10 on Amazon
Source: Read Full Article