Recommendations for Travellers: Do Not Use Public Charging Stations

In November, the Los Angeles County District Attorney’s Office issued a warning against charging devices through USB-powered charging stations, at airports, in hotels, at railway stations, and other public places.

Travellers are advised to avoid using public charging stations as the ports may be infected by malicious software or malware (malicious code, or software that usually damages, destroys, or steals information from the system).

This fraud is known as “juice jacking” and can be defined as a cyber attack that involves spreading malicious software via charging stations located in public areas in order to infect phones and other mobile devices of unsuspecting users.

While most legitimate charging stations probably work all right, it is possible that some of them are configured to install malware on phones. Even a short connection of a phone or tablet to an infected port can compromise all data on the device.

The attack uses a charging port or an infected cable to export the data from the connected device or to infect the device with a malicious code.

You may have noticed, when you charge up your phone through your computer’s USB port, you are able to move files between these devices. A standard connector has got five pins whereas only one is needed for charging. The other ones are used to transfer the data. It means that whenever a user plugs into the USB port, he/she may give hackers a way in to steal the data or install the malicious software.

Therefore, SK-CERT encourages travellers to consider investing in protective devices for USB cables that prevent accidental data exchange when the device is plugged into another device through a USB cable. Protective devices for secure USB connections allow only power transfer, as they do not connect pins to transfer the data.

We also recommend to all users:

  1. Use an electrical socket, not a USB charging station – for safe charging, use your charger with your own USB cable.
  2. Charge your phone with your charger in the car or use a power bank – if you have no choice during your travel, use alternative forms of charging without plugging the USB charging cable in an unfamiliar environment.
  3. Do not use cables plugged in charging stations – if USB charging cables that do not belong to you are plugged in charging stations, do not use them.

Sources:

https://www.independent.co.uk/life-style/gadgets-and-tech/juice-jacking-scam-charging-outlet-hack-public-district-attorney-warning-a9207761.html

https://blog.malwarebytes.com/explained/2019/11/explained-juice-jacking/

https://www.komando.com/news/you-need-to-avoid-public-usb-charging-stations-heres-why/685616/

https://www.infosecurity-magazine.com/news/la-warns-travelers-of-juice/

https://www.securitynewspaper.com/2019/11/15/never-charge-your-android-or-ios-smartphone-in-public-places-new-malware-juice-jacking/

http://da.lacounty.gov/about/inside-LADA/juice-jacking-criminals-use-public-usb-chargers-steal-data-ff


« Späť na zoznam