MANILA -Filipinos are warned against using USB (universal serial bus) ports at free charging stations in public places such as airports, malls and hotels as they may fall victims to “juice jack” attacks where hackers illegally access a user’s device, according to cybersecurity company Palo Alto Networks.
In a statement on Monday, Palo Alto noted that such ports could be a vector for transmission of malicious software (malware) into a user’s phone or device.
“Juice jacking happens when malicious actors embed malware into charging stations and activate data transfer through the USB cables to infect connecting devices,” the company explained.
The malware tricks the users into providing access to the device, allowing attackers to look into sensitive information, including bank account and credit card details.
Ultimately, however, the cybersecurity company said that the users have the power to deflect such attacks by not clicking on permissions to allow suspicious software from being installed.
“Malware requires a user’s permission, much like any other app on your phone, before it can actually infect a device. The users are the last gate to keeping malware away, so it’s really important for them to think before they click and challenge why an app would request access to your personal information,” said Sean Duca, vice president and regional chief security officer for Asia Pacific and Japan.
Duca reminded Filipinos to always consider the potential risks before allowing mobile applications to run on devices.
“Public charging stations also carry the threat of malware infection and data theft, similar to the dangers of public Wi-Fi networks. As a mobile-savvy nation, Filipinos need to be prepared to handle this risk by questioning whether we can trust our data with another device and understanding how it can be misused from the get-go,” he said.
Cybersecurity company Kasperksy, in a previous report, noted that cybercriminals have been innovating their mobile malware attacks amid the accelerated shift to digitalization during the pandemic.
“This time, malicious codes in the form of Trojans are being injected in third-party ad modules, loaded into legitimate programs in the guise of updates or added to harmless apps approved by app stores,” it explained.
A Trojan is a malware that can delete, block, modify or copy data from a device and even cause disruptions in a network of computers.
READ MORE:
Public phone charging stations may be unsafe
Campaigns through text: A breach of data privacy?