The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber-attacks targeting unsuspecting telecom consumers, which are likely to result in loss of valuable data and critical information on mobile devices.
NCC-CSIRT listed the first attack as Juice Jacking, a cybertheft exploit through which unauthorised users or hackers gain access into consumers’ devices when charging mobile phones at public charging stations. The other form of cyber attack is a Facebook for Android Friend Acceptance Vulnerability, which targets only Android Operating System.
According to the recently released CSIRT security advisory report, attackers have found a new way to gain unauthorised entry into unsuspecting mobile phone users’ devices when they charge their mobile phones at public charging stations through juice jacking.
Juice jacking, as described by tech security experts, is a security exploit in which an infected USB charging station is used to compromise connected devices. The exploit takes advantage of the fact that a mobile device’s power supply passes over the same USB cable the connected device uses to sync data.
How juice jacking lead to data invasion
With the support of new digital innovations, many tech-friendly public spaces, restaurants, malls and even public transport systems such as the Bus Rapid Transit (BRT) and public trains, provide charging ports or sockets as complimentary services to customers in a bid to enhance customer patronage.
However, an attacker can leverage this courtesy to load a payload in the charging station or on the cables they would leave plugged in at the stations.
Once unsuspecting persons plug their phones at the charging station or the cable left by the attacker, the payload is automatically downloaded on the victims’ phone. This payload then gives the attacker remote access to the mobile phone, allowing them to monitor data transmitted as text, or audio using the microphone. The attacker is also granted full access to the gallery and also to the phone’s Global Positioning System (GPS) location.
The attacker’s remote access to the user’s phone ultimately leads to breach in confidentiality, violation of data integrity and bypass of authentication mechanisms.
According to the NCC-CSIRT, symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking longer time to load, and crashing frequently.
How to prevent Juice Jacking attack
The NCC-CSIRT advised users to avoid Universal Serial Bus (USB) data connection and instead, use a personal AC charging adapter in public space. Users are also warned against granting trust to portable devices prompt for USB data connection.
Other preventive measures against Juice Jacking as highlighted in the security advisory report include:
-
Installing antivirus and updating them to the latest definitions.
-
Keeping mobile devices up to date with the latest patches
-
Using a personal power bank or charger when charging in public.
-
Keeping mobile phones off when charging in public places.
Asides juice jacking attack, the NCC-CSIRT advisory report warned that Facebook for Android is vulnerable to a permission issue which gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone.
The report explained that with this, the attacker is able to add the victim as a friend and collect personal or sensitive information such as email, date of birth, check-ins, mobile phone number, address, pictures and other information that the victim may have shared, which would only be visible to his/her Facebook friends.
Versions 329.0.0.29.120 of Android OS were disclosed to be the most likely prone products to the attack.
To be protected from the Facebook-associated vulnerability, NCC-CSIRT advised users to disable the feature from their device’s lock screen notification settings.
