11.8 C
New York
Saturday, December 5, 2020
Home Trends LA warns of ‘juice-jacking’ malware, but admits it has no cases

LA warns of ‘juice-jacking’ malware, but admits it has no cases

Los Angeles’ district attorney is warning travelers to avoid public USB charging points because “they may contain dangerous malware.”

Reading the advisory, you might be forgiven for thinking that every USB outlet you see is just waiting for you to plug in your phone so it can steal your data. This so-called “juice-jacking” attack involves criminals loading malware “on charging stations or cables they leave plugged in at the stations so they may infect the phones and other electronic devices of unsuspecting users,” it reads. “The malware may lock the device or export data and passwords directly to the scammer.”

But the county’s chief prosecutor’s office told TechCrunch that it has “no cases” of juice-jacking on its books, though it said there are known cases on the east coast. When asked where those cases were, the spokesperson did not know. And when asked what prompted the alert to begin with, the spokesperson said it was part of “an ongoing fraud education campaign.”

Which begs the question — why?

Security researcher Kevin Beaumont tweeted that he hasn’t seen “any evidence of malware being used in the wild on these things.” In fact, ask around and you’ll find very little out there. Several security researchers have dropped me messages saying they’ve seen proof-of-concepts, but nothing actively malicious.

Juice-jacking is a real threat, but it’s an incredibly complicated and imperfect way to attack someone when there are far easier ways. And given so many phones have features in place to prevent these kinds of attacks, pulling off a juice-jacking attack would likely require burning a highly powerful exploit.

The idea, though — that you can plug in your phone and have your secrets stolen — is not entirely far-fetched. Over the years there have been numerous efforts to demonstrate that it’s possible. As ZDNet points out in its coverage of the juice-jacking warning, the FBI sent out a nationwide alert about the threat after security researcher Samy Kamkar developed an Ardunio-based implant designed to look like a USB charger to wirelessly sniff the air for leaky key strokes. And just earlier this year, a security researcher developed an iPhone charger cable clone that let a nearby hacker run commands on the vulnerable computer.

LA recommend using an AC power outlet and not a charging station, and to take your cables with you. That’s sound advice, but it’s just one of many things you need to do to keep your devices and data safe.

Source: TechCrunch

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

- Advertisment -

Most Popular

ED seizes Vijay Mallya’s French asset worth Rs 14-cr

Businessman Vijay Mallya's property worth Rs 14 crore located in France has been seized under the anti-money laundering law, the Enforcement Directorate said on...

Not just pent up demand that is reviving economy: Finance Minister Nirmala Sitharaman

Finance Minister Nirmala Sitharaman on Friday said the economy reflating at a rate faster than previously expected is not just due to pent up...

Farm reforms not done in a jiffy: Finance Minister Nirmala Sitharaman

Finance Minister Nirmala Sitharaman on Friday said the farm reform legislations were brought in after elaborate stakeholder consultations and a lot of homework, and...

Protesting farmers call for ‘Bharat Bandh’ on Dec 8, say will intensify agitation if demands not met

Hardening their position ahead of the fifth round of talks with the government, agitating farmers on Friday announced a 'Bharat Bandh' on December 8...

Recent Comments

%d bloggers like this: