Charging smartphones via USB could infect your PC

Stuart Corner
Tuesday, 18 October 2011 09:33

Business IT - Security

Security experts are warning that simply charging a smartphone from the USB port of a computer could lead to that computer becoming infected with malware, via the smartphone, and that an infected smartphone could be used to eavesdrop on private conversations.

Experts quoted in Georgia Tech's Emerging Cyber Threats report 2102 (presented at is cyber security summit last week)  expect mobile devices to emerge as a major new threat vector in coming months.

"Mobile applications relay increasingly on the browser presenting unique challenges to security in terms of usability and scale," the report says. "Expect compound threats targeting mobile devices to use SMS, e-mail and the mobile Web browser to launch an attack, then silently record and steal data."

It lists several reasons why smartphones are inherently more vulnerable and therefore likely to become a favoured target for malware distributors.

Patrick Traynor, GTISC researcher and assistant professor at the Georgia Tech School of Computer Science, said "The mobile vector requires special consideration when it comes to security," said Traynor. "We still need to explore the significant differences between mobile browsers and traditional desktop browsers to fully understand the potential of emerging threats."

He cites small screen size as just one of many device-related challenges to mobile security. "To enhance usability, the address bar disappears above the screen so that more of the page content can be displayed. But this also removes many of the visual cues users rely on to confirm the safety of their online location. If a user does click a malicious link on a mobile device, it becomes easier to obfuscate the attack since the Web address bar is not visible."

CONTINUED