How can a public USB charging station be manipulated by criminals to put a virus on my phone?

1.45K views

How can a public USB charging station be manipulated by criminals to put a virus on my phone?

In: 370

54 Answers

Anonymous 0 Comments

By connecting the other end to a computer or other device that can transmit and/or receive data from the device you’re trying to charge.

Anonymous 0 Comments

All USB devices have a microprocessor that provides a “class code” to tell the host device what it is. For the attack you describe to target a PC…, We rewrite the code on the microprocessor to identify our usb drive as a keyboard and then play a script to stream a load of keystrokes. A sample use might be to…. Disable windows defender and then pull and execute some malware from a web resource.

It’s similar for a juicejacking attack on a phone.

Anonymous 0 Comments

All USB devices have a microprocessor that provides a “class code” to tell the host device what it is. For the attack you describe to target a PC…, We rewrite the code on the microprocessor to identify our usb drive as a keyboard and then play a script to stream a load of keystrokes. A sample use might be to…. Disable windows defender and then pull and execute some malware from a web resource.

It’s similar for a juicejacking attack on a phone.

Anonymous 0 Comments

All USB devices have a microprocessor that provides a “class code” to tell the host device what it is. For the attack you describe to target a PC…, We rewrite the code on the microprocessor to identify our usb drive as a keyboard and then play a script to stream a load of keystrokes. A sample use might be to…. Disable windows defender and then pull and execute some malware from a web resource.

It’s similar for a juicejacking attack on a phone.

Anonymous 0 Comments

One clarification… there’s a lot of discussion about an attacker simulating a keyboard or a mouse. That can certainly happen, but more sophisticated attackers would directly attack the phone’s operating system without emulating any particular device. This is why it is so important to apply security updates to your phone… every vulnerability is potentially already being used by an attacker somewhere.

Anonymous 0 Comments

One clarification… there’s a lot of discussion about an attacker simulating a keyboard or a mouse. That can certainly happen, but more sophisticated attackers would directly attack the phone’s operating system without emulating any particular device. This is why it is so important to apply security updates to your phone… every vulnerability is potentially already being used by an attacker somewhere.

Anonymous 0 Comments

One clarification… there’s a lot of discussion about an attacker simulating a keyboard or a mouse. That can certainly happen, but more sophisticated attackers would directly attack the phone’s operating system without emulating any particular device. This is why it is so important to apply security updates to your phone… every vulnerability is potentially already being used by an attacker somewhere.

Anonymous 0 Comments

There is another way that this can be dangerous.

I give you [USBKIll](https://usbkill.com/) – turning an innocent USB charging cable into a potentially lethal (to your device) attack. Unless you put another device between you and the ‘killer USB’, or your device has an optocoupler built in (fancy for disconnecting the raw voltage of the USB port from the mainboard by converting the signal from +/- 5V to light pulses) then you may find the magic smoke escaping shortly thereafter. Or worse, causing a catastrophic failure of your battery and a runaway fire

Anonymous 0 Comments

There is another way that this can be dangerous.

I give you [USBKIll](https://usbkill.com/) – turning an innocent USB charging cable into a potentially lethal (to your device) attack. Unless you put another device between you and the ‘killer USB’, or your device has an optocoupler built in (fancy for disconnecting the raw voltage of the USB port from the mainboard by converting the signal from +/- 5V to light pulses) then you may find the magic smoke escaping shortly thereafter. Or worse, causing a catastrophic failure of your battery and a runaway fire

Anonymous 0 Comments

There is another way that this can be dangerous.

I give you [USBKIll](https://usbkill.com/) – turning an innocent USB charging cable into a potentially lethal (to your device) attack. Unless you put another device between you and the ‘killer USB’, or your device has an optocoupler built in (fancy for disconnecting the raw voltage of the USB port from the mainboard by converting the signal from +/- 5V to light pulses) then you may find the magic smoke escaping shortly thereafter. Or worse, causing a catastrophic failure of your battery and a runaway fire