With the Chuseok holiday expected to bring more travelers, a warning has been issued that the risk of smartphone hacking through shared USB chargers commonly used at airports and hotels is growing.
Global security firm NordVPN said on the 23rd that there could be attacks by hackers targeting smartphones containing sensitive information such as passport, hotel reservation, and airline mileage account, urging caution. In an actual survey, cases were confirmed in which travel-related data, including passport scans, were traded for thousands of dollars on the dark web.
In particular, attention is on a method called choicejacking, an evolved form of "juice jacking." Traditional juice jacking planted malware through a charger, but choicejacking activates data transfer mode automatically without the user's consent and can extract photos, documents, and contacts in just 133 milliseconds. Experts said that with a variety of attack techniques mobilized, including keystroke injection, buffer overflow, and protocol misuse, detection is virtually difficult.
Proposed prevention measures include: ▲ keeping smartphone operating systems and apps on the latest security patches ▲ minimizing the use of public chargers ▲ using personal chargers and power banks ▲ activating charge-only mode. NordVPN also noted that theft during travel is serious and stressed that, if it occurs, remote lock and reset, account password changes, suspension of carrier services, and filing a police report should be handled promptly within 48 hours.
Hwang Seong-ho, head of NordVPN's Korea office, said, "Choicejacking is an example of public charging threats evolving a step further," adding, "You should not believe public USB ports are safe, and awareness and preparedness for hacking and theft risks are the most important line of defense."