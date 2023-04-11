



Most of us know how scary it is when your phone reaches 1% battery or panic when you see your screen flickering. But according to a recent FBI warning, rushing to plug your phone into a public charging station at a hotel, airport, or cafe can be dangerous.

Malicious individuals have found a way to introduce malware and surveillance software into devices using public USB ports, FBI Denver wrote in a tweet. Avoid using free charging stations at airports, hotels and shopping centers. That advice is to carry your own charger and her USB cord and use a power outlet to power your device.

The alert from the FBI is the government’s response to what is known as juice-jacking, a cybercrime in which hackers use public USB ports to steal data such as credit card numbers or install malware on users’ devices. Just the latest example of concern. The term is said to date back to 2011, when DefCon researchers created charging kiosks and showed potential cybersecurity risks for such stations. Years later, in a world where our smartphones have increasingly acted as wallets, GPS, photo albums, and constant logs of personal communications and browsing history, accessing someone’s device is actually can be as invasive as breaking into your home.

Ritesh Chugh, an associate professor and technology and social expert at the University of Central Queensland, wrote in an email that public charging docks pose a serious privacy risk. Studies have shown that a malicious charging station can identify his web page loaded in a phone’s browser within 10 seconds, but just enough to compromise a user’s phone. A one minute charging time may be sufficient.

It’s unclear how common these attacks are, and victim cases haven’t been widely publicized, but repeated warnings from security agencies around the world point to the continued danger posed by this attack method. , writes Chugh. Officials have also expressed similar concerns in California, India and Nigeria. The FCC’s website warns:

Tony Coulson, executive director of the Cybersecurity Center at California State University, San Bernardino, says we should start thinking about our phones like we think about credit cards. Don’t just go somewhere and plug in your debit card, he says.

He likens juice jacking to credit card skimming. Like credit card magnetic strips, which are vulnerable to security threats, USB technology is old and doesn’t have a lot of security built in, he said, Coulson. You can tell by looking at the USB plug. Inside he has four connectors. Two for power and two for data. No failsafe in between. When you plug in, he says, if data communicates, data communicates.

Experts say that if you’ve ever used a public charging station, be aware that your phone’s battery life will be reduced. Noticeable slowdown of its operation. overheating; settings are being changed without your input; and unusually high data usage. If you think you’ve been affected, we recommend removing suspicious apps and installing antivirus software. If you’re really worried, we recommend restoring the phone to factory settings. Also, you should keep your phone software up to date.

To avoid becoming a victim in the first place, Coulson recommends adopting newer USB technologies (such as USB C) or buying charge-only cables that can’t extract data. Wireless chargers are a safer option, and instances of tampering with such devices are almost non-existent, Chugh said.

When you connect your phone to a USB port, you may also be asked if you trust the device you’re connecting to. This indicates that USB may be doing more than just charging. Experts say you should say no unless you’re connected to your own computer.

If you need a USB port in a hurry, see if there are 4 or 2 connectors inside. Often four are made, but if there are two, it’s for charging, but that’s not a 100% rule, he warns Coulson.

When it comes to his own devices, he says I just charge my phone with my own plug-in charger. I have been doing it for years.

