Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

FBI Warns Against Using Public USB Ports Due to Malware Risk

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
68,964
39,964


The United States Federal Bureau of Investigation (FBI) last week warned users to stay away from public USB ports due to malware risks. On Twitter, the Denver FBI office (via CNBC) said that public charging stations in hotels, airports, and shopping centers can be a malware attack vector.

lightning-connector-feature-blue.jpg

Bad actors have learned to use public USB ports to "introduce malware and monitoring software onto devices," the FBI said. When out in public, users should bring their own charger and USB cord, using an electrical outlet for charging purposes instead of a public USB port.

Apple's iPhones and Macs have a USB security feature that prevents the Lightning port from being used for data transfer purposes when it has been more than an hour since the device was unlocked, but this does not prevent malware installation if you are actively using your device and connect to a public port.


If a public USB port is used to transfer malware to a computer, tablet, or smartphone, hackers can gain access to sensitive data on the device, siphoning usernames and passwords, hijacking email, stealing money from online accounts, and more.

The only way to stay safe is to use your own USB cable to charge in public spaces, which effectively prevents this potential method of attack.

The FBI has a similar warning on its website, noting that people should not use free charging stations. The FBI also warns against using public Wi-Fi for sensitive transactions, opening suspicious documents, using the same password for all accounts, and clicking unsolicited links in text messages and emails.

Article Link: FBI Warns Against Using Public USB Ports Due to Malware Risk
 
Article Link
https://www.macrumors.com/2023/04/10/fbi-malware-public-usb-port-warning/
Last edited:
MacRumors said:


The United States Federal Bureau of Investigation (FBI) last week warned users to stay away from public USB ports due to malware risks. On Twitter, the Denver FBI office (via CNBC) said that public charging stations in hotels, airports, and shopping centers can be a malware attack vector.

lightning-connector-feature.jpg

Bad actors have learned to use public USB ports to "introduce malware and monitoring software onto devices," the FBI said. When out in public, users should bring their own charger and USB cord, using an electrical outlet for charging purposes instead of a public USB port.

Apple's iPhones and Macs have a USB security feature that prevents the Lightning port from being used for data transfer purposes when it has been more than an hour since the device was unlocked, but this does not prevent malware installation if you are actively using your device and connect to a public port.


If a public USB port is used to transfer malware to a computer, tablet, or smartphone, hackers can gain access to sensitive data on the device, siphoning usernames and passwords, hijacking email, stealing money from online accounts, and more.

The only way to stay safe is to use your own USB cable to charge in public spaces, which effectively prevents this potential method of attack.

The FBI has a similar warning on its website, noting that people should not use free charging stations. The FBI also warns against using public Wi-Fi for sensitive transactions, opening suspicious documents, using the same password for all accounts, and clicking unsolicited links in text messages and emails.

Article Link: FBI Warns Against Using Public USB Ports Due to Malware Risk
Click to expand...


I feel like this is something that's been known in tech circles for years..

I've been trying to explain this to my customers, family, and friends for years now..

Maybe they'll actually pay attention to this?

Probably not, but it can't hurt.
 
  • Like
  • Love
Reactions: ZZ9pluralZalpha, ackmondual, J.J. Sefton and 24 others
As an Amazon Associate, MacRumors earns a commission from qualifying purchases made through links in this post.
  • Like
  • Love
Reactions: G5isAlive, _Spinn_, JunBringer and 19 others
As an Amazon Associate, MacRumors earns a commission from qualifying purchases made through links in this post.
  • Like
Reactions: wildaman, wyrdness, GeoStructural and 8 others
alexandr said:

FBI Warns Against Using Public USB Ports Due to Malware Risk​

...and asks everyone to use their personal, FBI-certified USB cables which will be shipped out to them in the coming weeks...
Click to expand...
Let's call this FBI derangement syndrome (FDS) since you chose to make this political even though it really did not have to be.
 
Last edited by a moderator:
  • Like
  • Disagree
  • Haha
Reactions: G5isAlive, odin, takasugi and 30 others
djc6 said:
I've yet to find a good one for USB-C though - you end up charging at like 5V 1A because it can't negotiate USB-PD protocol without the data lines :-/
Click to expand...
PortaPow seems to be the most popular brand, but none of the USB-C versions I'm aware of support "Quick Charge" functions.
 
  • Like
Reactions: djc6
gund1234 said:
How do i know what cable i am buying ?
Click to expand...
You can always test the cable at home connecting your phone to your computer. If the phone doesn't ask for authorization or doesn't automatically connect, it's most likely power only. They also sell power only cables.

Someone handy with an Xacto knife can cut open a regular USB cable and snip the data cables--usually the green and the white. The red is power, the black is ground. Usually.
 
  • Like
Reactions: wyrdness
Or get a data blocker, if the cable can be unplugged.

ALWAYS use a data blocker in a rental car as the head units tend to gulp everything they can off any devices connected to them. Amazon has a bunch of data blockers if you look for them. (They just connect to the power leads of the USB port. Although I understand some devices won't charge if they aren't also connected to data lines. There is a shim for that in some blockers, but even still, some devices just will not charge unless there is also data connectivity:rolleyes:)
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back