The Central Bureau of Investigation (CIB) has warned the public to be vigilant when charging their smartphones in public, saying hackers can modify charging cables to leak the phone owners’ personal information.
According to CIB’s Facebook post on Monday, hackers can use remote access points to control a skimming chip installed in every port on the charger.
Hackers can use the chip to extract personal information from smartphones, including passwords, financial information and bank account numbers, or infect them with malware.
People who need to charge their phones in public should be careful when taking someone else’s charger or plugging the charger into public charging ports, the post said.
Concerns about cable hacking emerged after a post on a personal Facebook page on January 8 by a netizen named only as Widsanusavan claimed he had lost 101,560 baht from his bank account after charging his phone in public. :
Widsanusawan said that he received notifications from the bank about transactions that he had not made, from his account after charging his phone in public. He said he found an unknown app on his phone, which he said was the app the hacker used to leak the data.
Netizens suspected that the hacker might have used the charging port and cable to help spread the data, as Widsanusawan claimed that he never downloaded or visited any unknown websites.
Meanwhile, experts have weighed in on concerns about the charger being hacked.
Parinja Homanek, a member of the National Cyber Security Committee, said the hacking incident could have happened, but noted that so far no other cases have been reported in the country.
Mr. Parinha said such hacks, mostly on Android phones, can happen after victims visit malware-embedded commercial banners or download apps from outside official app stores.
An anonymous IT expert, however, said hacked charging cables are being sold illegally online and cost at least 5,000 baht. They are mainly used for online investigations, he added.
.
/cloudfront-us-east-1.images.arcpublishing.com/gray/IYXCCOWKPBAGXJOO46YBATKIJY.gif)