Hacking Alert for Public Chargers Ahead of Chuseok Holiday
'Choicejacking' Threat: Automatic Data Transfer Activation
NordVPN: "Use Personal Chargers and Charge-Only Mode"
With the Chuseok holiday approaching, the risk of hacking through public USB chargers provided at airports, train stations, and cafes is increasing. On September 23, global cybersecurity company NordVPN issued a strong warning, stating, "Smartphones can be hacked in an instant through public chargers," and urged users to exercise extreme caution. The company pointed out that the risk is even greater during holiday periods, as essential travel information such as passport copies, hotel reservation details, and airline mileage accounts are often stored on mobile phones. In fact, there have been reports of hackers trading data such as scanned copies of passports on the dark web for thousands of dollars.
Advanced 'Choicejacking' Emerges... Data Stolen in Just 0.133 Seconds
Global cybersecurity company NordVPN has issued a warning about the risk of smartphone hacking through 'public chargers.' Photo by Asia Economy Database
NordVPN especially warned about the risk of "choicejacking," a hacking method that uses malicious devices disguised as chargers. Choicejacking is an evolved form of the previously known "juice jacking" technique. While traditional juice jacking involved installing malicious software through a charger, choicejacking automatically activates data transfer mode without the user's consent, allowing photos, documents, contacts, and more to be stolen in just 0.133 seconds. Experts explain that various attack techniques such as keystroke injection, buffer overflow, and protocol misuse are employed, making detection virtually impossible.
"Carry Your Own Charger and Avoid Connecting to Public Wi-Fi"
NodeVPN warned particularly about the risk of "choicejacking," a hacking method using malicious devices disguised as chargers. Photo by Asia Economy DB
To prevent such attacks, the company emphasized the importance of the following measures: keeping your mobile operating system and apps updated with the latest security patches; minimizing the use of public chargers; using personal chargers or portable batteries; and activating charge-only mode before charging. NordVPN also stated, "Smartphone theft while traveling can cause damage just as serious as hacking," and advised that in the event of theft, users should respond quickly within 48 hours by remotely locking and resetting the device, changing account passwords, suspending carrier services, and reporting to the police. Additional recommendations include backing up data before travel, enabling the 'Find My Device' feature, using strong biometric authentication, carrying a 'travel phone' with only minimal information, and purchasing insurance specifically for electronic devices.
Hwang Sungho, Country Manager of NordVPN Korea, emphasized, "Choicejacking is an evolved threat to public charging, where a single deceptive message can trick users into allowing data transfers, exposing personal files and sensitive information. Public USB ports should never be considered completely safe, and awareness and preparation against hacking and theft are the first line of defense."
The Korea Internet & Security Agency (KISA) also recently warned users that connecting to open smartphone charging ports (USB) or Wi-Fi in public places such as airports and subways overseas could lead to personal information leaks. On June 18, KISA posted a notice on its security site BohoNara, alerting that the hacking method known as "choicejacking"-where malicious apps installed via public charging ports in overseas locations are used to steal sensitive information-is becoming widespread.
KISA recommended that users be cautious when entering account or payment information while using free open Wi-Fi at airports and other locations. The agency explained that if hackers install malicious programs on open Wi-Fi networks, they can hack smartphones, laptops, and other devices to steal sensitive information such as online account and payment details. KISA advised users to apply the latest updates to their smartphone operating systems, use portable batteries for charging while traveling, charge devices via adapters rather than USB ports and use charge-only cables, and avoid using Wi-Fi networks without passwords.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
