Jump to content

Central bank claims phone charging cables cannot be used to steal data


Recommended Posts

Posted

1674028451255-1.jpg

 

The Bank of Thailand and the Thai Bankers Association (TBA) have dismissed a widespread suggestion on social media, claiming that a charging cable can be used to steal data stored in smart phones.

 

In fact, they said that data in smart phones are stolen by scammers when the phone users download applications or fake SMS messages containing malware, specifically designed to gain unauthorised access to information on the phones.

 

According to banking sources, the central bank has issued a set of measures, in close cooperation with the Ministry of Digital Economy and Society, the National Broadcasting and Telecommunications Commission, the Anti-Money Laundering Office and the Royal Thai Police, for financial institutions to deal with the latest tricks used by online scammers to steal money.

 

Full Story: https://www.thaipbsworld.com/central-bank-claims-phone-charging-cables-cannot-be-used-to-steal-data/

 

Logo-top-.png

-- © Copyright Thai PBS 2023-01-18
 

- Cigna offers a range of visa-compliant plans that meet the minimum requirement of medical treatment, including COVID-19, up to THB 3m. For more information on all expat health insurance plans click here.

 

Monthly car subscription with first-class insurance, 24x7 assistance and more in one price - click here to find out more!

  • Thumbs Up 1
Posted

The central bank clearly doesnt stay current.. 

Google 'juice jacking' in general and badusb or rubber ducky exploits.. Theres plenty !! 

The primary thing is the other way round, plugging in a phone to charge from a laptop.. 

  • Like 1
Posted
3 hours ago, OneMoreFarang said:

I think that is not entirely correct.

If the phone is per USB cable connected to a computer, then the phone (at least Android) asks how this connection should be used. One option is to charge only. Another option is to transfer data. This makes it possible to copy pictures and other data from the phone directly to the computer disk, without any wireless connection.

 

I am pretty sure such functionality could be integrated into a cable. And then the cable would work like a PC which could receive and possibly store and possibly transmit the data from the phone. Technically this is definitely possible.

I don't know if the user has to click to allow this. Maybe it is also possible that that is the default setting of a phone as soon as a cable is connected. But then again, lots of users never look what is written in a message, they just click ok, next, whatever. 

 

So yes, a modified charging cable, which is a lot more than a charging cable, can be used to get user data.

 

Data can be sent through a cable but the phone would have to be in the users posession also bank data is encrypted end to end so I really dont think this would work.

 

Clicking on spam texts on the other hand...

 

  • Like 2
Posted

Are there not two kinds of USB cable, charge only with two cores, and data transfer with 4.

So if you only use a charging cable, you'll be OK.

  • Thumbs Up 2
Posted
8 hours ago, KannikaP said:

Are there not two kinds of USB cable, charge only with two cores, and data transfer with 4.

So if you only use a charging cable, you'll be OK.

Exactly...........????

  • Thumbs Up 1
  • Thanks 1
Posted
12 hours ago, lupin said:

Excuse me Mr bank Knobs, Kevin Mitnik, perhaps the worlds best known Hacker, demonstrated this exact technique over 4 years ago.

 

 

 

 

Not the same thing, in these & all other "Bad USB" attacks, it's the PC/Laptop that's compromised not the phone... Somebody could have plugged in any other kind of electronic device that is charged via that USB cable & carried out the same hack. 

 

 

 

 

 

 

 

Posted

The Bank of Thailand and the Thai Bankers Association (TBA) have dismissed a widespread suggestion on social media, claiming that a charging cable can be used to steal data stored in smart phones.

 

U'm, interesting comment from so-called banking experts on IT financial data theft.

 

image.png.2438aeb794aaecfc5b0b9e1b12bc65f1.png

  • Thumbs Up 1
Posted

Central bank claims phone charging cables cannot be used to steal data 

 

Now that's nice ,But can they say How they steal the Data and How can they Prevent the Hackers from stealing the Data/money.

Posted
16 hours ago, lupin said:

Excuse me Mr bank Knobs, Kevin Mitnik, perhaps the worlds best known Hacker, demonstrated this exact technique over 4 years ago.

 

 

 

 

Of course it is possible to get malware IF you connect to a PC.

However, if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone.

Posted (edited)
10 minutes ago, KannikaP said:

Of course it is possible to get malware IF you connect to a PC.

However, if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone.

That is not what this is about... the cable itself injects the malware regardless of the device. The cable itself is compromised.

 

"if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone." ... that is EXACTLY what this compromised cable can do. The cable has been modified to contain the malware. It does not need a source.

Edited by lupin
aurocorrect
Posted (edited)
41 minutes ago, lupin said:

That is not what this is about... the cable itself injects the malware regardless of the device. The cable itself is compromised.

 

"if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone." ... that is EXACTLY what this compromised cable can do. The cable has been modified to contain the malware. It does not need a source.

So make sure you buy and use a cheap & cheerful charge only cable from 7/11 to charge your phone, ONLY from a charger, not a PC/laptop, to be on the safe side.

Edited by KannikaP
Posted
5 hours ago, hotchilli said:

Scammers are forever getting smarter and it's up to the financial institutions to keep up to date with the latest anti-scam measures.

Having said that, the public must also play their part my being extra vigilant when doing online transactions or giving out sensitive details online.

Any incoming massages that seem a bit iffy just delete them.. not open them.

To expand on this thought, the scammers have always been 3 or 4 steps ahead in the game - and certainly doesn't apply to banking systems as such. Everything IT, electronic and digital can be easily suspect and accessed......yet, our increasingly mad lifestyles almost force our hand towards living in this manner. 

Posted (edited)
21 hours ago, KannikaP said:

Of course it is possible to get malware IF you connect to a PC.

However, if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone.

Are you sure? If there is an active device in the charger device surely the phone's Wi-Fi, Internet and Bluetooth could be taken over? Also malicious code could be held there and copied down. 

Edited by jacko45k
Posted
21 hours ago, digger70 said:

Now that's nice ,But can they say How they steal the Data and How can they Prevent the Hackers from stealing the Data/money.

The answer to the first question is buried deep within the OP. Paragraph 2, to be precise.

 

As for how to stop it happening? It's a tricky one. How exactly do you educate a global population to not click on dodgy adds or respond to phone calls and messages then input their login details to scam sites? My UK bank has big warnings every time you transfer money, advising people to think again if they've been asked to make this transfer by a 3rd party. I'm guessing that the impact this message has is negligible; scammers are very skillful at playing the human psyche.

Posted (edited)
1 hour ago, jacko45k said:

Are you sure? If there is an active device in the charger device surely the phone's Wi-Fi, Internet and Bluetooth could be taken over? Also malicious code could be held there and copied down. 

Of course if someone has 4ucked around with the charger or cable, but not if you use standard, normal shop bought or original items.

Edited by KannikaP
Posted
1 minute ago, KannikaP said:

Of course if someone has 4ucked around with the charger or cable, but not if you use standard, normal shop bought items.

Hopefully not.... but the discussion was about public charging stations, probably like you might find in the food courts. People can be quite creative.. the old bank card skimmers a good example of that. 

  • Thumbs Up 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...