Connecting your mobile device to a computer using a USB cable could make you vulnerable to hackers.
“Using just a regular PC and a standard micro USB cable, armed with a set of special commands, Kaspersky experts were able to re-flash a smartphone and silently install a root application on it. This amounts to a total compromise of the smartphone, even though no malware was used,” Kaspersky said.
The device name, type, manufacturer, serial number, operating system information, firmware information, file system/file list and the electronic chip ID are all shared during the connection of device to computer. This transfer makes it easy for hackers to exploit the supposedly safe data exchange between the smartphone and computer.
“The security risks here are obvious: if you’re a regular user you can be tracked through your device IDs; your phone could be silently packed with anything from adware to ransomware,” warns Alexey Komarov, researcher at Kaspersky Lab.
Kaspersky Lab suggests to protect yourself by only using trusted USB charging points instead of computers; keep your mobile phone secure with a password or fingerprint recognition and be sure not to unlock it while charging; use encryption technologies and secure containers to protect data; and install antivirus software that can detect malware even if a charging vulnerability is used.