Connecting a smartphone to public USB ports can give attackers access to the data on the device, creating a risk of stealing personal files, installing malware, or gaining third-party control. The greatest danger arises when using an unlocked phone with someone else's adapters or rental power banks, experts at Perm Polytechnic University note.
The most likely channel for hacking is the USB ports of portable devices.
The vulnerability is real when using special equipment and a combination of conditions, such as outdated software or disabled protections. Rental power banks and anything that can be replaced or "slipped in" can become a high-risk zone. Less often this applies to other public points, for example, in airports, shopping centers, public transport, taxis, since in these cases it is physically more difficult to install malware.
The attack mechanism works by embedding a special chip programmed to execute dangerous scenarios into the USB port. You can infect the microcontroller in the charger in two ways: hack and reflash the electronic component, or connect a third-party, pre-compromised one into the socket.
As a result, instead of a simple power source, your smartphone connects to a hostile system whose goal is to bypass protection and gain access to personal information.
To protect yourself in public places, it is best to use personal accessories - a power adapter and an external battery. If they are not at hand, then you should pay attention to the labels "Charging only", "Power cable" or "For charging only" - such devices are not intended for data transfer, and therefore do not pose a threat.
Also, when charging your phone in a public place, you should block the transfer of files and the device itself, and only then connect to the power source.