Block Panel here

Officials warn about the dangers of using public USB charging stations

Posted by: Admin on 19th November 2019 00:01:25.
Posted in Category: News


Travellers should use only AC charging ports, use USB no-data cables, or "USB condom" devices.­
 

Travellers are advised to avoid using public USB power charging stations in airports, hotels, and other locations because they may contain dangerous malware, the Los Angeles District Attorney said in a security alert published last week.

USB connections were designed to work as both data and power transfer mediums, with no strict barrier between the two. As smartphones became more popular in the past decade, security researchers figured out they could abuse USB connections that a user might think was only transferring electrical power to hide and deliver secret data payloads.

This type of attack received its own name, as "juice jacking."

Across the years, several proofs-of-concept were created. The most notorious is Mactans, presented at the Black Hat 2013 security conference, which was a malicious USB wall charger that could deploy malware on iOS devices.

Three years later, in 2016, security researcher Samy Kamkar took the concept further with KeySweeper, a stealthy Arduino-based device, camouflaged as a functioning USB wall charger that wirelessly and passively sniffs, decrypts, logs, and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.

Following Kamkar's release of KeySweeper, the FBI sent out a nation-wide alert at the time, warning organizations against the use of USB chargers and asking companies to review if they had any such devices in use.

Also, in 2016, another team of researchers developed another proof-of-concept malicious USB wall charger. This one could record and mirror the screen of a device that was plugged in for a charge. The technique become known as "video jacking."

Taking all these into account, LA officials recommend that travelers:

  • Use an AC power outlet, not a USB charging station.
  • Take AC and car chargers for your devices when traveling.
  • Consider buying a portable charger for emergencies.

But there are also other countermeasures that users can deploy. One of them is that device owners can buy USB "no-data transfer" cables, where the USB pins responsible for the data transfer channel have been removed, leaving only the power transfer circuit in place. Such cables can be found on Amazon and other online stores.

There are also so-called "USB condoms" that act as an intermediary between an untrusted USB charger and a user's device.

Two such devices are SyncStop (formerly known as USB Condom) and Juice-Jack Defender. Many others also exist, and at one point, even Kaspersky researchers tried to build one -- called Pure.Charger -- but their Kickstarter fundraiser failed to raise the needed funds.

Details from zdnet.com


No Comments Yet! - Be the first to comment.

Update on the Westpac Scams

Posted by: Admin on 11th November 2019 04:16:57.
Posted in Category: News


Go-Daddy have now taken down the two phishing web sites associated with the Westpac email scams that we reported here:
and here:

So there's two less scams to worry about laugh


 
No Comments Yet! - Be the first to comment.

Categories

Latest Posts
All Posts

cPanel Phishing Scam 3
Posted on 4th July 2020 00:10:56 by Admin.

cPanel Scam 2
Posted on 4th July 2020 00:07:12 by Admin.

cPanel Phishing Scam
Posted on 4th July 2020 00:01:33 by Admin.

PayPal Phishing Scam July 2020
Posted on 3rd July 2020 23:49:30 by Admin.

Tik-Tok App Spying on Users
Posted on 30th June 2020 05:33:06 by Admin.

Facebook Phishing Emails
Posted on 23rd May 2020 02:26:55 by Admin.

Nation Australia Bank Scam
Posted on 28th April 2020 05:38:34 by Admin.

Hackers have breached 60 ad servers to load their own malicious ads
Posted on 23rd April 2020 05:32:35 by Admin.

Phishing Scam to get your email sign-in details
Posted on 23rd April 2020 05:22:22 by Admin.

TV License Scam
Posted on 13th April 2020 04:10:31 by Admin.

Tips on how to avoid Coronavirus (COVID-19) inspired scamming campaigns
Posted on 11th April 2020 03:46:27 by Admin.

Corona Virus Scam Emails Installing Viruses
Posted on 7th April 2020 11:34:58 by Admin.

Another HMRC Scam
Posted on 7th April 2020 04:40:13 by Admin.

Covid Scammers
Posted on 7th April 2020 00:50:06 by Admin.

WARNING - Door to Door Mask Distributors
Posted on 2nd April 2020 07:27:42 by Admin.

First Previous 1 2 3 [4]
ASSA Alliance - keeping you safe on-line