Jump to content
All visa questions and fresh Immigration updates here ×

Central bank claims phone charging cables cannot be used to steal data

snoop1130

By snoop1130
in Thailand News

 Share

Recommended Posts

snoop1130 Legendary Member

snoop1130

Posted
Posted

1674028451255-1.jpg

 

The Bank of Thailand and the Thai Bankers Association (TBA) have dismissed a widespread suggestion on social media, claiming that a charging cable can be used to steal data stored in smart phones.

 

In fact, they said that data in smart phones are stolen by scammers when the phone users download applications or fake SMS messages containing malware, specifically designed to gain unauthorised access to information on the phones.

 

According to banking sources, the central bank has issued a set of measures, in close cooperation with the Ministry of Digital Economy and Society, the National Broadcasting and Telecommunications Commission, the Anti-Money Laundering Office and the Royal Thai Police, for financial institutions to deal with the latest tricks used by online scammers to steal money.

 

Full Story: https://www.thaipbsworld.com/central-bank-claims-phone-charging-cables-cannot-be-used-to-steal-data/

 

Logo-top-.png

-- © Copyright Thai PBS 2023-01-18
 

- Cigna offers a range of visa-compliant plans that meet the minimum requirement of medical treatment, including COVID-19, up to THB 3m. For more information on all expat health insurance plans click here.

 

Monthly car subscription with first-class insurance, 24x7 assistance and more in one price - click here to find out more!

  • Thumbs Up 1
Link to comment
Share on other sites
  • Popular Post
OneMoreFarang Star Member

OneMoreFarang

Posted
  • Popular Post
Posted
2 minutes ago, snoop1130 said:

The Bank of Thailand and the Thai Bankers Association (TBA) have dismissed a widespread suggestion on social media, claiming that a charging cable can be used to steal data stored in smart phones.

I think that is not entirely correct.

If the phone is per USB cable connected to a computer, then the phone (at least Android) asks how this connection should be used. One option is to charge only. Another option is to transfer data. This makes it possible to copy pictures and other data from the phone directly to the computer disk, without any wireless connection.

 

I am pretty sure such functionality could be integrated into a cable. And then the cable would work like a PC which could receive and possibly store and possibly transmit the data from the phone. Technically this is definitely possible.

I don't know if the user has to click to allow this. Maybe it is also possible that that is the default setting of a phone as soon as a cable is connected. But then again, lots of users never look what is written in a message, they just click ok, next, whatever. 

 

So yes, a modified charging cable, which is a lot more than a charging cable, can be used to get user data.

  • Thumbs Up 1
  • Haha 2
Link to comment
Share on other sites
  • Popular Post
lupin Senior Member

lupin

Posted
  • Popular Post
Posted (edited)

Excuse me Mr bank Knobs, Kevin Mitnik, perhaps the worlds best known Hacker, demonstrated this exact technique over 4 years ago.

 

 

 

 

Edited by lupin
aurocorrect
  • Thumbs Up 4
  • Thanks 1
  • Haha 1
Link to comment
Share on other sites
Chelseafan Gold Member

Chelseafan

Posted
Posted
3 hours ago, OneMoreFarang said:

I think that is not entirely correct.

If the phone is per USB cable connected to a computer, then the phone (at least Android) asks how this connection should be used. One option is to charge only. Another option is to transfer data. This makes it possible to copy pictures and other data from the phone directly to the computer disk, without any wireless connection.

 

I am pretty sure such functionality could be integrated into a cable. And then the cable would work like a PC which could receive and possibly store and possibly transmit the data from the phone. Technically this is definitely possible.

I don't know if the user has to click to allow this. Maybe it is also possible that that is the default setting of a phone as soon as a cable is connected. But then again, lots of users never look what is written in a message, they just click ok, next, whatever. 

 

So yes, a modified charging cable, which is a lot more than a charging cable, can be used to get user data.

 

Data can be sent through a cable but the phone would have to be in the users posession also bank data is encrypted end to end so I really dont think this would work.

 

Clicking on spam texts on the other hand...

 

  • Like 2
Link to comment
Share on other sites
Mike Teavee Platinum Member

Mike Teavee

Posted
Posted
12 hours ago, lupin said:

Excuse me Mr bank Knobs, Kevin Mitnik, perhaps the worlds best known Hacker, demonstrated this exact technique over 4 years ago.

 

 

 

 

Not the same thing, in these & all other "Bad USB" attacks, it's the PC/Laptop that's compromised not the phone... Somebody could have plugged in any other kind of electronic device that is charged via that USB cable & carried out the same hack. 

 

 

 

 

 

 

 

Link to comment
Share on other sites
  • Popular Post
hotchilli Star Member

hotchilli

Posted
  • Popular Post
Posted
13 hours ago, snoop1130 said:

According to banking sources, the central bank has issued a set of measures, in close cooperation with the Ministry of Digital Economy and Society, the National Broadcasting and Telecommunications Commission, the Anti-Money Laundering Office and the Royal Thai Police, for financial institutions to deal with the latest tricks used by online scammers to steal money

Scammers are forever getting smarter and it's up to the financial institutions to keep up to date with the latest anti-scam measures.

Having said that, the public must also play their part my being extra vigilant when doing online transactions or giving out sensitive details online.

Any incoming massages that seem a bit iffy just delete them.. not open them.

  • Love It 1
  • Thumbs Up 3
Link to comment
Share on other sites
berrec Silver Member

berrec

Posted
Posted

The Bank of Thailand and the Thai Bankers Association (TBA) have dismissed a widespread suggestion on social media, claiming that a charging cable can be used to steal data stored in smart phones.

 

U'm, interesting comment from so-called banking experts on IT financial data theft.

 

image.png.2438aeb794aaecfc5b0b9e1b12bc65f1.png

  • Thumbs Up 1
Link to comment
Share on other sites
KannikaP Star Member

KannikaP

Posted
Posted
16 hours ago, lupin said:

Excuse me Mr bank Knobs, Kevin Mitnik, perhaps the worlds best known Hacker, demonstrated this exact technique over 4 years ago.

 

 

 

 

Of course it is possible to get malware IF you connect to a PC.

However, if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone.

Link to comment
Share on other sites
lupin Senior Member

lupin

Posted
Posted (edited)
10 minutes ago, KannikaP said:

Of course it is possible to get malware IF you connect to a PC.

However, if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone.

That is not what this is about... the cable itself injects the malware regardless of the device. The cable itself is compromised.

 

"if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone." ... that is EXACTLY what this compromised cable can do. The cable has been modified to contain the malware. It does not need a source.

Edited by lupin
aurocorrect
Link to comment
Share on other sites
KannikaP Star Member

KannikaP

Posted
Posted (edited)
41 minutes ago, lupin said:

That is not what this is about... the cable itself injects the malware regardless of the device. The cable itself is compromised.

 

"if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone." ... that is EXACTLY what this compromised cable can do. The cable has been modified to contain the malware. It does not need a source.

So make sure you buy and use a cheap & cheerful charge only cable from 7/11 to charge your phone, ONLY from a charger, not a PC/laptop, to be on the safe side.

Edited by KannikaP
Link to comment
Share on other sites
zzaa09 Star Member

zzaa09

Posted
Posted
5 hours ago, hotchilli said:

Scammers are forever getting smarter and it's up to the financial institutions to keep up to date with the latest anti-scam measures.

Having said that, the public must also play their part my being extra vigilant when doing online transactions or giving out sensitive details online.

Any incoming massages that seem a bit iffy just delete them.. not open them.

To expand on this thought, the scammers have always been 3 or 4 steps ahead in the game - and certainly doesn't apply to banking systems as such. Everything IT, electronic and digital can be easily suspect and accessed......yet, our increasingly mad lifestyles almost force our hand towards living in this manner. 

Link to comment
Share on other sites
jacko45k Star Member

jacko45k

Posted
Posted (edited)
21 hours ago, KannikaP said:

Of course it is possible to get malware IF you connect to a PC.

However, if you simply use the cable for charging from a wall unit, there is NO WAY any data can be transferred into your phone.

Are you sure? If there is an active device in the charger device surely the phone's Wi-Fi, Internet and Bluetooth could be taken over? Also malicious code could be held there and copied down. 

Edited by jacko45k
Link to comment
Share on other sites
JayClay Gold Member

JayClay

Posted
Posted
21 hours ago, digger70 said:

Now that's nice ,But can they say How they steal the Data and How can they Prevent the Hackers from stealing the Data/money.

The answer to the first question is buried deep within the OP. Paragraph 2, to be precise.

 

As for how to stop it happening? It's a tricky one. How exactly do you educate a global population to not click on dodgy adds or respond to phone calls and messages then input their login details to scam sites? My UK bank has big warnings every time you transfer money, advising people to think again if they've been asked to make this transfer by a 3rd party. I'm guessing that the impact this message has is negligible; scammers are very skillful at playing the human psyche.

Link to comment
Share on other sites
KannikaP Star Member

KannikaP

Posted
Posted (edited)
1 hour ago, jacko45k said:

Are you sure? If there is an active device in the charger device surely the phone's Wi-Fi, Internet and Bluetooth could be taken over? Also malicious code could be held there and copied down. 

Of course if someone has 4ucked around with the charger or cable, but not if you use standard, normal shop bought or original items.

Edited by KannikaP
Link to comment
Share on other sites
jacko45k Star Member

jacko45k

Posted
Posted
1 minute ago, KannikaP said:

Of course if someone has 4ucked around with the charger or cable, but not if you use standard, normal shop bought items.

Hopefully not.... but the discussion was about public charging stations, probably like you might find in the food courts. People can be quite creative.. the old bank card skimmers a good example of that. 

  • Thumbs Up 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...