Your battery is about dead and as luck would have it, you find a public mobile charging station. Saved!
Not so quick!
A smartphone can be hacked easily if you plug it in to charge via USB at a public place like an airport, cafe or on public transport. Researchers at Kaspersky Labs found that they could install a third-party application, like a virus, onto the phone via its USB cable connection to a computer. It took them under three minutes.
They also found that the Android and iOS phones tested leaked a host of private data to the computer they were connected to whilst charging, including the device name, device manufacturer, device type, serial number and even a list of files.
The report noted that your phone could be silently packed with anything from adware to ransomware. And, if you’re a decision-maker in a big company, you could easily become the target of professional hackers. Hackers have already exploited this connection: in 2013, Italian hackers known as “The Hacking Team” were able to infect a phone with malware through a computer connection. They plotted the attack based on the device model of the victim, which the hackers managed to get through the USB-connected computer.
What do you tell your employees about charging their devices????
How to be safe.
- Only plug your phone into trusted computers, using trusted USB cables
- Protect your mobile phone with a password, or with another method such as fingerprint recognition, and don’t unlock it while charging.
- Use encrypted apps like WhatsApp and iMessage to communicate
- Antiviruses can be a bore, but they help to detect malware even if a “charging” vulnerability is used.
- Update your mobile operating system to the most recent version, as that will have the most up-to-date bug fixes.