More than one will have run out of battery mobile in the middle of a public road, be it in an airport, shopping center, bus station or even in a cafeteria. For these cases, a USB port can save the day, but will it be the safest?
The experts in cyber security alert different dangers that we must take into account when connecting our devices to public USB ports or unknown computers. Which are? Coming up next, we tell you.
LOOK: What risks do we expose our children to when we give them their first cell phone or computer?
‘Handshaking’ or ‘JuiceJacking’, two dangers for connecting the cell phone to any USB port
When we connect a smartphone to a public USB port, anyone runs the risk that it has been previously modified by a cybercriminal for the purpose of stealing or injecting informationin what is known as ‘Juice Jacking‘.
“In these types of attacks, file theft could be as simple as programming a malicious device to be plugged into the socket where the USB plugs in, and if they do pair, attackers could invade a person’s privacy and transfer sensitive data such as messages or photos over the connection”said Camilo Gutiérrez, Head of Laboratory at ESET Latam.
Likewise, cybercriminals also need our help to carry out their misdeeds. “For the attack to be successful, the user must allow the synchronization of their device with the attacker’s”Gutierrez said. For this to be possible, the victim needs to “grant permissions for file access”.
On the other hand, it is not the only tool used by ‘hackers’ to access our computers. We also have the ‘handshaking‘, a term that refers to the connection between the mobile device and the computer via a USB cable. Even if it seems like a simple or routine activity, leaves a significant amount of data at the mercy of cybercriminals (such as phone number, contact list, fingerprints, messages, among others).
“Each smartphone transfers to the computer basic information such as device name, manufacturer and serial number. As a result, the device can serve as a unique identifier for anyone that may be interested in collecting data for later use”revealed, for his part, Fabio Assolini, senior security analyst at Kaspersky.
LOOK: Do passwords bother you? Google enlists the support of a “definitive system” to replace them
What are the malicious software applied in these cases and their consequences
We have already mentioned two practices (or techniques) used by cybercriminals to access our information for later sale, publication in Internet forums or blackmail. However, the limits do not exist and hackers will be able to do whatever they want with the data.
Spokespersons for cybersecurity firms Kaspersky and ESET agree that ‘Handshaking’ or ‘JuiceJacking’ attacks are used to install trojan viruses on compromised cell phones. This with the aim of obtain information without the user realizing that they are being attacked.
In turn, depending on the malicious software, it will be necessary to be careful about installing apps from unknown sourceswhich can spy on our activities in the background.
LOOK: A 16-year-old would be behind the cyberattacks that put Microsoft, Nvidia and more in check
What to do if I need to charge my cell phone in a public USB port
While it is true that connecting our cell phones to public USB ports or computers poses a risk, the information will not be on a tray for hackers as long as we take proper care. As we have already said, they might need our help granting permissions or downloading unknown apps to install their viruses. So, What can I do if I need to recharge the battery?
From Kaspersky they indicate that if we find a electric power outlet and a USB port, it is recommended to connect the cell phone with the first of these, since these “yes they are safe”.
However, they are not always available (imagine you are in another country and you don’t have an adapter). “A wide variety of cell phones and tablets offer select functionality of the connection between file transfer, exclusively battery charging, or both. For this reason it is important to verify that file transfer mode is not enabled by default”the head of the ESET Latam laboratory explained to El Comercio.
In other words, You have to configure the cell phone so that when we connect it to a USB port or computer it only charges the battery and do not transfer data.
Here are some other tips to keep in mind:
What do I do if my cell phone is infected by malicious software?
Experts indicate that the best thing we can do in the event of being victims of a cyberattack is, first of all,change access credentials and services linked to the equipment. This way we can prevent hackers from entering our accounts and stealing information.
They also advise, if you have an Android cell phone, restart the phone in safe mode and remove suspicious applications. How I do this? A) Yes:
- Press and hold the button off
- Press the restart option for a few seconds and choose ‘Reboot in safe mode’
- After restarting, go to Settings, Downloaded Applications and look for apps with strange names or that we do not remember having installed
- After doing the sweep of applications, manually restart the computer
By last, We recommend the general public to avoid plugging their cell phones into unknown USB sockets., as well as street computers, since, as we have been able to observe, there are dangers of all kinds that could lead to cybercrimes. It’s also important to be aware of the apps we download and be careful about the permissions we grant. Finally, our most valuable data is in our cell phone and an oversight can be fatal.
Source: Elcomercio