The FBI’s warning is just the latest case of government concern over cybercrime known as “juice jacking,” which uses public USB ports to steal data such as credit card numbers or install malware on a user’s device. DefCon’s researchers say it dates back to 2011 Charging kiosk This demonstrated the potential cyber security risks of such stations. Years later, in a world where our smartphones serve as wallets, GPS, photo albums, and an always-on record of our personal communication and browsing history, accessing someone’s device is practically as invasive as entering their home.
Ritesh Sukh, an associate The University of Central Queensland professor and technology and society expert wrote in an email that public charging docks pose a “significant privacy risk”. Research shows that a malicious charging station can identify web pages loaded in your phone’s browser within 10 seconds, while “one minute of charging time is enough to compromise a user’s phone,” he wrote.
While it’s unclear how common these attacks are, and the number of victims isn’t widely publicized, repeated warnings from security agencies around the world “clearly indicate the continuing danger posed by this attack method,” Chugh wrote. Officials raised similar concerns California, India And Nigeria. The FCC’s website warns: “Don’t stop free USB charging Deleting your bank account.”
Tony Colson, executive director of the Cybersecurity Center at California State University, San Bernardino, says we need to start thinking about phones the way we think about credit cards. “You don’t go anywhere and start plopping your debit card,” he says.
He compares juicing to a credit card Skimming. Like the magnetic strips on credit cards, which are vulnerable to security threats, USB technology is old and “there’s not much security to it,” Coulson said. You can see it by looking at the USB plug: there are four connectors inside; Two for power, two for data. “There’s no fail-safe in between, once you’re plugged in — if the data speaks, the data speaks,” he says.
If you’ve been using public charging stations, experts say, make sure your phone doesn’t lose battery life too quickly; A significant slowdown in its operations; Excessive heat; Settings are changed without your input; and unusually high data usage. If you think you’ve been infected, uninstall suspicious apps, install anti-virus software, and — if you’re really concerned — reset the phone to its factory settings. You should also keep your phone software up to date.
To avoid being the first victim, Coulson encourages adopting new USB technology (like USB C) or buying charging-only cables that don’t allow data extraction. Wireless chargers are a much safer option, with “very few” cases of damage to such devices, Chug said.
When you plug a smartphone into a USB port, it might ask if it’s you Trust the device You are connected. It’s a signal that USB can do more than charge. Unless you’re tethered to your personal computer, say no, experts say.
If you need a USB port in a hurry, check if it has four or two connectors – many are made with four, but if there are two, it’s only for charging. “However It’s not a 100 percent rule,” cautions Coulson.
When it comes to his own device, “I only charge my phone with my own plug-in charger,” he says. “I’ve been doing it for years.”
