Security While Charging Your Smartphone

Maybe your phone battery ran out a little faster than you expected. Maybe you went on an overnight trip and forgot your charger. Maybe you packed a USB micro cable instead of USB-C cable.

Whatever the reason, we have all at some point had to borrow someone’s charger. It’s a simple enough request that you may even ask the stranger sitting next to you on the bus, or at the airline gate.

But what if doing so puts your data at risk?

Cellphone Charging

Hackers Can Use Phone Chargers To Steal Your Data

This new hacking technique was discovered when a hacker known as “MG” started selling compromised iPhone lightning cables through his Twitter account. Called the “O.MG Cable”, it’s designed to gain access to passwords and sensitive information on any device it’s plugged in to.

While there hasn’t been a notable incident of this occurring yet, it’s an important reminder that you shouldn’t just plug anything into your personal devices.

“Being careful about what you plug into your devices is just good tech hygiene,” Charles Henderson, Global Managing Partner and Head of X-Force Red at IBM Security, told Forbes. “If you were on a trip and realized you forgot to pack underwear, you wouldn’t ask all your co-travelers if you could borrow their underwear. You’d go to a store and buy new underwear.”

Why You Need To Think Before You Plug In

While this may sound like a new tactic, it’s really just a variation on an old classic known as “baiting”.

Baiting uses a false promise to pique the target’s curiosity or meet a need. They lure users into a trap that steals their personal information or inflicts their systems with malware. One of the most common forms of baiting is the use of physical media to infect the target with malware.

For example – the cybercriminal drops USBs all around a target’s business, hoping that a user will pick one up, and, out of curiosity, plug it into their computer. Once plugged in, the USB executes the malware automatically, infecting the entire network.

This scam relies on the target’s assumption that there wouldn’t be any risk to plugging an unknown device into their computer. This is an incredibly dangerous assumption to make, and now, it extended beyond USBs you may find on the ground. You’ll also have to think twice about the phone chargers you use as well.

How Can You Protect Yourself?

The one upside to this new tactic is that it likely won’t be very widespread, as it won’t be cost-effective for cybercriminals trying to target large groups.

“[…] this kind of attack doesn’t scale real well, so if you saw it, it would be a very targeted attack,” said Henderson to Forbes. “But just because we haven’t yet seen a widespread attack doesn’t mean we won’t see it, because it certainly does work.”

What can you do to protect yourself?

The key is to not make any assumptions about your security – moreso, just don’t trust technology.

Always be skeptical of technology you’re using. After all, it’s a product meant to be sold, and so, the top priority is often user experience, not user security.

Here’s an example – when it comes to Wi-Fi connectivity settings, would you prioritize security or convenience? On one hand, it’s much more convenient to users if the device in question is configured to automatically connect to open and available Wi-Fi hot spots.

But that’s not very secure, is it?

That’s why it’s your responsibility to make up the difference if you actually want to maintain a higher level of security. Don’t sacrifice your personal security just because it’s convenient for you.

Like this article? Check out the following blogs to learn more:

LabCorp Data Breach: What We Know

Watch Out: File Hijacking and Malware Possible Through Slack Bug

How to Cyber Secure Your Company in 60 Minutes or Less