There are so many ways now to have our computers hacked, but we forget about our phones. We already know that we shouldn’t leave our devices unattended without a password. Furthermore, most of our phones now are fingerprint locked, but still, there are ways to compromise Cyber Security on our phones.
So you have your phone locked with a pass and a fingerprint, or iris recognition or face recognition. You already know you shouldn’t download and install applications that are not verified by Google Play or Appstore. But what about charging your phone?
A study from the University of Florida shows us that when we’re charging our phones using unknown sources we could download malicious code that could take control of our phones, compromising it’s Cyber Security.
“It’s not just an unknown computer that’s a problem, but anything that you plug your USB cable into a charging station, a kiosk … For all we know there could be something malicious on the other side injecting these commands to your phone,” says Kevin Butler, associate professor in the University of Florida Herbert Wertheim College of Engineering and a leader of the research team.
The researching team hacked 8 different phones using AT commands. AT commands are composed of letters A and T followed by a short string of characters and were first used in the 80s to control dial-up modems. These commands are still used by phone manufacturers to control devices. From making calls and sending texts to taking pictures. And there are thousands of custom AT commands out there.
Although this vulnerability was tested only on 8 handsets so far, and all of them using Android, the researchers believe that there could be many more devices afflicted by this problem. The team will run different tests to other handsets including Apple phones, which are known to respond to AT commands.
Samsung and LG already issued security patches to address this issue, but watching this video is quite concerning. Especially when Butler says “it’s essentially like having a ghost user on your phone”.
Our experts say that the easiest way to keep your phone protected is to use a password and fingerprint/face/iris recognition to lock it. Never download apps from untrusted links, never leave your phones unattended, and always charge your phones using known computers or even better power banks if you can’t find an old-fashioned wall plug.
Want to learn more about Cyber security? Or maybe you want to learn more about how we can help your businesses cyber security? Click this link to find the answer to both questions.
