INSUBCONTINENT EXCLUSIVE:
Los Angeles& district attorney is warning travelers to avoid public USB charging points because &they may contain dangerous
malware.&
Reading the advisory, you might be forgiven for thinking that every USB outlet you see is just waiting for you to plug in your
phone so it can steal your data
This so-called &juice-jacking& attack involves criminals loading malware &on charging stations or cables they leave plugged in at the
stations so they may infect the phones and other electronic devices of unsuspecting users,& it reads
&The malware may lock the device or export data and passwords directly to the scammer.&
But the county chief prosecutor office told
TechCrunch that it has &no cases& of juice-jacking on its books, though it said there are known cases on the east coast
When asked where those cases were, the spokesperson did not know
And when asked what prompted the alert to begin with, the spokesperson said it was part of &an ongoing fraud education campaign.&
Which begs
the question — why?
Security researcher Kevin Beaumont tweeted that he hasn&t seen &any evidence of malware being used in the wild on
these things.& In fact, ask around and you&ll find very little out there
Several security researchers have dropped me messages saying they&ve seen proof-of-concepts, but nothing actively malicious.
Juice-jacking
is a real threat, but it an incredibly complicated and imperfect way to attack someone when there are far easier ways
And given so many phones have features in place to prevent these kinds of attacks, pulling off a juice-jacking attack would likely require
burning a highly powerful exploit.
The idea, though — that you can plug in your phone and have your secrets stolen — is not entirely
Over the years there have been numerous efforts to demonstrate that it possible
As ZDNet points out in its coverage of the juice-jacking warning, the FBI sent out a nationwide alert about the threat after security
researcher Samy Kamkar developed an Ardunio-based implant designed to look like a USB charger to wirelessly sniff the air for leaky key
And just earlier this year, a security researcher developed an iPhone charger cable clone that let a nearby hacker run commands on the
vulnerable computer.
LA recommend using an AC power outlet and not a charging station, and to take your cables with you
That sound advice, but it just one of many things you need to do to keep your devices and data safe.
This hacker iPhone charging cable can
