SECURITY ALARM bell ringer Kaspersky has warned against charging your smartphone via public USB outlets and even your own PC or Mac.
A concept presented at the Black Hat security conference in 2014 demonstrated how you probably shouldn't use public smartphone charging stations, as hooking up to a fake one could see malware loaded onto your device.
Kaspersky has been looking into this more and, as part of a study into the dangers of charging your handset at a public charging station, tested a number of devices using iOS and Android to see what data is transferred externally while connected to a Mac or PC.
The security firm discovered that a "whole litany of data" is transferred from the smartphone to a computer during the process, including device name, device type, device manufacturer, serial number, operating system information, firmware information, file system/file list and the electronic chip ID.
This means that, as well as hooking up to potentially fake public outlets being unsafe, charging your smartphone via your own computer could pose a risk to your personal data.
"Now that smartphones almost always accompany their owner, the device serves as a unique identifier for any third party who might be interested in collecting such data for some subsequent use," Kaspersky said.
"But it wouldn't be a problem if collecting a few unique identifiers was all that an attacker could do with a device connected to an unknown computer or charging device."
Alexey Komarov, a researcher at Kaspersky, warned: "It is strange to see that nearly two years after the publication of a proof-of-concept demonstrating how a smartphone can be infected through the USB, the concept still works.
"The security risks here are obvious: if you’re a regular user you can be tracked through your device IDs; your phone could be silently packed with anything from adware to ransomware; and, if you’re a decision-maker in a big company, you could easily become the target of professional hackers.
"And you don’t even have to be highly skilled to perform such attacks, as all the information you need can easily be found on the internet."
In order to keep your smartphone's sensitive data out of the hands of hackers, Kaspersky advises using only trusted USB charging stations and encryption technologies to protect the data. µ
Crapsicab firm says bug 'isn't particularly severe'
4.15 follows shortly
Lithium-metal batteries are lighter and hold more juice
Loved up... but weighed down with debt