[SPEAKER_00]: As millions of travelers head to airport during the busy summer season, the transportation security administration, TSA, has issued a stronger warning about the risks of charging devices at public USG stations. [SPEAKER_00]: News.com has learned that the advisory comes amid renewed concerns about juice jacking in a newer, more advanced threat known as choice jacking.
[SPEAKER_00]: The TSA urged airline passengers to avoid plugging phones or other devices directly into public USB ports, which are common in airports. [SPEAKER_00]: Instead, the agency advised travelers to carry their own charging solutions. [SPEAKER_00]: Bring your TSA compliant power brick or battery pack and plug in there. [SPEAKER_00]: When you're at an airport, do not plug your phone directly into a USB port. [SPEAKER_00]: The TSA said in a statement.
[SPEAKER_00]: The warning highlights that public charging points could expose travelers to hidden cybersecurity risks. [SPEAKER_00]: Juice jacking is a form of cyber attack in which hackers exploit public USB ports to install spyware of malware on devices. [SPEAKER_00]: Once connected, a compromised charging station can transfer harmful software, potentially giving attackers access to personal files, stored data and even login credentials.
[SPEAKER_00]: Public USB port should never be treated safe, set-out Rihanna's warm and open-up nor VPN. [SPEAKER_00]: The FBI and cybersecurity experts are previously warned that Jews jacking incidents, although difficult to track, are an ongoing concern in high traffic location such as airports and train stations. [SPEAKER_00]: A more recent threat, known as choice jagging, has raised new concerns.
[SPEAKER_00]: According to Warman Hogan, this method is a dangerous evolution in public charging threats. [SPEAKER_00]: Instead of relying solely on hidden malware, attackers trick users with a prompt that encourages them to enable data transfer on their device. [SPEAKER_00]: With a single deceptive prompt, attackers can trick people into enabling data transfer, potentially exposing personal files and other sensitive data, Warman Hogan explained.
[SPEAKER_00]: According to reports, attacks on Android phones exploit permissions for peripherals using Android's open accessory protocol for accessories such as mice or keyboards. [SPEAKER_00]: Attackers can then begin hijacking system input through ADB or Android debug bridge, which can simulate user input and change the USB mode to allow data transfer.
[SPEAKER_00]: The attack then proceeds with a series of commands aimed at gaining complete control of the device and gaining key access for further control. [SPEAKER_00]: On the other hand, iOS differs slightly and offers users a bit more protection. [SPEAKER_00]: As the outlet Android Authority explains, a rig USB cable or charger can be used to trigger a connection event for a Bluetooth device.
[SPEAKER_00]: Although it may appear as a regular Bluetooth-based audio accessory to your iPhone, it could act as the machinery to secretly allow data transfer and gain access to specific files and photos. [SPEAKER_00]: However, it cannot access the entire iOS system as it can on Android. [SPEAKER_01]: Knowledge, knowledge, unfilter.