Travellers are being advised to avoid using public USB power charging stations in airports, hotels and other locations.
In an official warning by the LA County district attorney it reads: “Travelers should avoid using public USB power charging stations in airports, hotels and other locations because they may contain dangerous malware.”
The USB Charger Scam, also known as “juice jacking” is when criminals load malware into the charging stations or cables left plugged in at the stations. The malware may infect electronic devices being charged – and either lock the device or export data and passwords directly to the criminal.
Additionally, criminals are now able to hide malware into USB cables itself, such as the O.MG Cable.
Subsequently, travellers are urged to avoid using public USB port and stick to using AC power outlets and car chargers to charge their devices.
Other countermeasures include buying “no-data transfer” cables, where USB pins are removed thus preventing any data transfer, and only leaving the power transfer circuit in place.
This scam has been around for a while, with attendees at the Black Hat 2013 security conference being warned about a malicious USB wall charger that could deploy malware onto iOS devices.
The district attorney’s warning indicates the extreme lengths threat actors are willing to go to delivery malware and steal information.
The post #Privacy: LA County warns travellers of USB charger scam appeared first on PrivSec Report.