News Forum - Malware, not charging cable, to blame for phone hack

[Thaiger]

A man’s Facebook post sparked controversy on social media after he reported that 101,560 baht (about US$3,300) had disappeared from his bank account while he was charging his phone at a public charging station. Many began to suspect that the charging cable had been tampered with to steal data from his device, leading to widespread …

The story Malware, not charging cable, to blame for phone hack as seen on Thaiger News.

Read the full story

[Soidog]

You don’t say! Where was any evidence presented to suggest it could be a charging cable. People always jump to conclusions on such matters. It nearly always Malware or some other “Click Link” issue. 

[palooka]

 a fake dating app called “Sweet Meet” that the man had installed on his phone. 

Which was probably set up to fleece him when it was charging. 

How many look at their phones on charge?

Maybe shut your phone down or disconnect from the net while charging in a public area.

 

[Chatogaster]

3 hours ago, Thaiger said:

Prinya called for financial and tech literacy programs to educate the public.

 

That's a great ambition (?) depending on what "calling for" means (just saying it once in a press release, or actively pushing for changes after the statement is made?)

With respect to rest of the article, I'm getting the impression that an otherwise valid app may have been installed from a non-market place.

Installing apps from non-authorized markets (i.e., from somewhere that is not Google Play Store or Apple Store) is near-impossible on Apple products. For Android, it requires a configuration change (once) + it gives a clear warning (every time).

But that doesn't really matter. Some unofficial markets may be one big source of malware, but even official markets have their share.

Luckily, installation alone (from whatever source) isn't enough. A user additionally needs to explicitly consent to requests by an app in order to enable it to perform actions like accessing/overlaying the screen or accessing/replacing the virtual keyboard (which are vital ingredients of a successful attack). No sane & attention-paying person would consent to that (admittedly, there are many insane or absent minded users).

Advice about Play/Apple Store are just temporary band-aids but they keep on being applied on a permanent basis. Technical literacy education does seem to offer the hope of being a cure, but -while important- even that is missing something more profound.

The core of the problem is much more basic. To give a simple example, every month or so SCB (Siam Commercial Bank) prompts for a consent to the terms of use (which you *have* to consent to). It also randomly either appends or prepends a consent form for allowing SCB to sell your data for commercial purposes to adverting partners (which you *don't* have to consent to). All of my acquaintances -some technically literate- who use the SCB app turned out to have consented (I asked them to check and , appallingly, several required me to explain how to check their consent status). Furthermore, not one would have consented if they had been aware of what was requested and each reverted their "decision" upon finding out.

The real cure is for people to 1) pay attention when they are asked any "OK or not OK?" question (digital or not), and 2) having a mindset in which "not OK" is a valid answer. Item 1 is a problem in every culture. Item 2 a big hurdle in some cultures, including Thai culture.

 

[Bluesofa]

1 hour ago, Soidog said:

You don’t say! Where was any evidence presented to suggest it could be a charging cable. People always jump to conclusions on such matters. It nearly always Malware or some other “Click Link” issue. 

Plus the fact the guy has two mobile phones.
He himself said that he used his iPhone phone only for banking apps.
He used his Android phone just to play games. This is the one he claimed was hacked while being charged, and IIRC his story was supported by the police initially.

[Chatogaster]

24 minutes ago, Bluesofa said:

Plus the fact the guy has two mobile phones.
He himself said that he used his iPhone phone only for banking apps.
He used his Android phone just to play games. This is the one he claimed was hacked while being charged, and IIRC his story was supported by the police initially.

 

That's a good point. 

• The CIB warned about USB cables (it's small risk in practice, but it was acknowledged to not be 0).
• It was the android phone that was charged. 
• One of the phones (it isn't clear which although the Android one seems suggested) had an app considered to suspicious/claimed to be malicious (and if it was the iPhone, it must have been from Apple Store).
• The iPhone was used for banking but isn't mentioned in another role.

It's a mess (the reporting via news for sure -not that they have much of a choice- and I'm willing to bet the forensic analysis is a joke as well). 
 

 

[bushav8r]

3 hours ago, palooka said:

 a fake dating app called “Sweet Meet” that the man had installed on his phone. 

Which was probably set up to fleece him when it was charging. 

How many look at their phones on charge?

Maybe shut your phone down or disconnect from the net while charging in a public area.

Why is "Sweet Meet" clickable?  Is it a real app?  

[Does]

Your electronic moblie device can be infected with maleware or malicious code when charging from an unkown USB port.  It is called “juice jacking”. A hacker will infect a USB charging port, and when you use the USB port to charge your phone, your moblie device’s information can infected with maleware to access your information.  
 
Whenever I use an a public USB charging port, in a hotel, on a plane, etc…, I always attach a USB Data Port Blocker.  The main use of a USB Data Port blocker is to allow power to flow to your device for charging, but  there are no data pin receptors for information to flow from your device to the USB port.   The main purpose of using a data port blocker is to eliminate the risk of infecting your moblie device, and prevent any malicious code from accessing your data. 

A data port blocker is not very big, they are about the same size as a thumb drive, but can save you from this type of incident.   Just search Juice Jacking and Data Port Blocker if you want confirmation of the above information.  

[Bluesofa]

8 minutes ago, Does said:

Your electronic moblie device can be infected with maleware or malicious code when charging from an unkown USB port.  It is called “juice jacking”. A hacker will infect a USB charging port, and when you use the USB port to charge your phone, your moblie device’s information can infected with maleware to access your information.  
 
Whenever I use an a public USB charging port, in a hotel, on a plane, etc…, I always attach a USB Data Port Blocker.  The main use of a USB Data Port blocker is to allow power to flow to your device for charging, but  there are no data pin receptors for information to flow from your device to the USB port.   The main purpose of using a data port blocker is to eliminate the risk of infecting your moblie device, and prevent any malicious code from accessing your data. 

A data port blocker is not very big, they are about the same size as a thumb drive, but can save you from this type of incident.   Just search Juice Jacking and Data Port Blocker if you want confirmation of the above information.  

That seems like a good idea.
I have a Samsung phone, the USB>phone lead is a charging lead and data lead too.
I've seen some other leads that aren't data leads, only power supply for charging. I assume they would also do the same job instead of a data blocker?

[Does]

If those data only charging cables have the data pins receptors blocked, then yes they will prevent juice jacking.  To see if your cables are data blockers, you need to look at the charging plug of your cable.  If you take a normal cable and look at the usb plug, you will see 4 metal strips on top of the white ledge inside the plug.  The 4 receptor strips allow for the transfer of power and data to and from your phone.   A data blocker will only 2 receptor strips; the middle 2 strips will be missing.  The 2 missing receptors does not allow data transfer from your phone.   Hope this helps.