If not redirected, please click here https://www.thesecuritybuddy.com/mobile-phone-security/what-is-juice-jacking/
Smart phones and tablets are
indispensable today. We can hardly think of even a single day without
them. We carry them almost everywhere we go. And, that results in the
most common problem we face with them. We need to charge them quite
often.
Sometimes when we are travelling, we
run out of charges and we end up going to public charging kiosks to
charge them. But, how safe is that ?
In fact, attackers can take advantage of charging mobile devices from public charging kiosk and perpetrate attacks. Juice Jacking is one such example.
In fact, attackers can take advantage of charging mobile devices from public charging kiosk and perpetrate attacks. Juice Jacking is one such example.
How is Juice Jacking done ?
We often charge our mobile devices with
a USB charger. And, the same cable is used for data connection also.
And, that results in another vulnerability which attackers can
exploit to invade privacy and steal sensitive data from the device.
In 2011, Brian Krebs first reported on
this attack. He suggested, it is quite possible for attackers to set
up a rogue public charging kiosk and hide a small computer inside it.
As a result, when a smart phone or tablet will be plugged in to it
using a normal USB cable, the hidden computer will be able to inject
malicious code or steal sensitive information like contact list,
emails or other data stored in the device.
How to prevent Juice Jacking ?
Smart phone vendors are already taking
steps to prevent this attack. For example, Apple iOS nowadays no
longer allow the device to be automatically mounted. They have also
released various security patches to fight with the vulnerability.
Android devices also prompt the user
before mounting the device as a hard drive when plugged in over USB.
And there are always a couple of steps
that we can take to safeguard us from this attack.
- If you are using a public charging kiosk, use the power cord that directly plugs into a regular electrical outlet.
- Power off your device before charging it into a public charging kiosk.
- You can also use “Juice Jack Defender” to charge your mobile devices. These are small USB pass-through devices that enables the charging of mobile devices, but blocks the data transfer capability using that cord.
How to know whether my device is vulnerable to Juice Jacking ?
Plug in your device to a computer using
a normal USB charger. If it mounts the device automatically and
allows data transfer with the cord, your device is vulnerable to
Juice Jacking.
If the device does not automatically
mount as a hard drive using the USB cable and instead ask for a
prompt to be allowed to be mounted, your device is not vulnerable to
this attack.
So, beware of all vulnerabilities so
that you can protect your devices in a better way and stay safe, stay
secured.
Read More
How do outdated Zombie Applications pose a security threat ?
How can attackers record private conversations inside a car using Car Whisperer ?
What is Rooting of Android devices and how does it make the devices less secure ?
What is Jailbreaking and how does it make our devices less secure ?
What is Pod Slurping and how does it pose a security threat ?
Read More
How do outdated Zombie Applications pose a security threat ?
How can attackers record private conversations inside a car using Car Whisperer ?
What is Rooting of Android devices and how does it make the devices less secure ?
What is Jailbreaking and how does it make our devices less secure ?
What is Pod Slurping and how does it pose a security threat ?
No comments:
Post a Comment