Security News Public USB Charging Station pose data risk for Android and iPhone users

I

Ink

Administrator
Thread author
Verified
Jan 8, 2011
22,490
Content source
http://www.theinquirer.net/inquirer/news/2459750/iphones-and-android-devices-at-risk-from-usb-charger-data-hacking-threat
Kaspersky has warned against charging your smartphone via public USB outlets and even your own PC or Mac.

A concept presented at the Black Hat security conference in 2014 demonstrated how you probably shouldn't use public smartphone charging stations, as hooking up to a fake one could see malware loaded onto your device.

Kaspersky has been looking into this more and, as part of a study into the dangers of charging your handset at a public charging station, tested a number of devices using iOS and Android to see what data is transferred externally while connected to a Mac or PC.
Click to expand...

Black Hat 2014: Black Hat USA 2013 | Briefings

Kaspersky Report:

"As part of this research, the company’s experts tested a number of smartphones running various versions of Android and iOS operating systems in order to understand what data the device transfers externally while connected to a PC or Mac for charging.

The test results indicate that the mobiles reveal a whole litany of data to the computer during the ‘handshake’ (a process of introduction between the device and the PC/Mac it is connected to), including:
  • the device name
  • device manufacturer
  • device type
  • serial number
  • firmware information
  • operating system information
  • file system/file list
  • electronic chip ID
The amount of data sent during the handshake varies depending on the device and the host, but each smartphone transfers the same basic set of information, like device name, manufacturer, serial number etc.

Is this a security issue? Indirectly it is."

Continue Reading Kaspersky Full Report: Charging Mobile Devices Could Put Data at Risk | Kaspersky Lab
 
  • Like
Reactions: harlan4096, Der.Reisende, Alkajak and 4 others
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
In our country, its just a purely charging station that runs only with time limit when you insert the money; so confident of no security breach occurred.

In that case study of Kasperksy, definitely some enthusiastic users on some regions may reproduce it and may fall possible victim at high chance.
 
You must log in or register to reply here.

Similar threads

P
    • Like
    • +Reputation
"Juice Jacking"--Potential for Data Theft Via Free Public Chargers
Replies
5
Views
3,228
News Archive
plat
P
Stopspying
    • Like
Security and the Electric Vehicle Charging Infrastructure
Replies
1
Views
681
News Archive
MuzzMelbourne
MuzzMelbourne
I
    • Like
New Update SwiftGuard - Anti-Forensic USB Monitor tool
Replies
0
Views
643
Privacy and encryption
Ink
I

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top