Tag Archives: Adrianus Warmenhoven

USB Juice Jacking Is New Way Hackers Attack Travelers

How to avoid being hacked during this Fall’s travel season. 

According to a recent study by cybersecurity firm NordVPN, one in four travelers has been hacked when using public Wi-Fi while traveling abroad. However, unsecured Wi-Fi is not the only factor travelers should be worried about. 

Last year, the FBI published a tweet (see below) warning users against smartphone charging stations in public places (airports, hotels, and shopping malls). Hackers may have modified the charging cables with the aim of installing malware on phones to perform an attack called juice jacking. 

“Digital information, although it exists virtually, can also be stolen using physical devices. So it is important to take a 360-degree approach and secure your device from both online and offline threats,” says Adrianus Warmenhoven, a cybersecurity advisor.

What is juice jacking?

Juice jacking is a cyberattack where a public USB charging port is used to steal data or install malware on a device. Juice jacking attacks allow hackers to steal users’ passwords, credit card information, addresses, names, and other data. Attackers can also install malware to track keystrokes, show ads, or add devices to a botnet.

Image

Is juice jacking detectable?

Juice jacking attacks can be difficult to detect. If your device has already been compromised, you may notice some suspicious activity – but that won’t always be the case.

For example, you may notice something you don’t recognize on your phone — like purchases you didn’t make or calls that look suspicious.

Your phone may also start working unusually slowly or feel hotter than usual. Chances are you may have picked up malware. For a full list of signs to watch out for read on and find out how to know if your phone is hacked.

How to protect yourself

Since no sign of juice jacking is 100% reliable, it is best to avoid falling victim to this attack by using the following the advice:

  • Get a power bank. Power banks are a safe and convenient way to charge your device on the go. Getting a portable power bank means that you’ll never have to use public charging stations where juice jacking attacks occur. Always ensure your power bank is fully charged so you can use it on the go.
     
  • Use a USB data blocker. A USB data blocker is a device that protects your phone from juice jacking when you’re using a public charging station. It plugs into the charging port on your phone and acts as a shield between the public charging station’s cord and your device.
     
  • Use a power socket instead. Juice jacking attacks only happen when you’re connected to a USB charger. If you absolutely need to charge your phone in public, avoid the risk of infected cables and USB ports and use a power outlet. This is typically a safe way to charge your mobile device and other devices in public.

For the Silo, Darija Grobova.

Study: Is your phone reading your mind? 33% of Canadians have noticed being tracked by their gadgets

Digital privacy expert discusses the possible violation of privacy and security of cross-device tracking 

Third of Canadians (33%) have ever noticed an ad on their devices of something they recently spoke about or saw on TV (but hadn’t searched for), according to research by NordVPN, a leading cybersecurity company. A majority of them noticed such ads on their smartphones (76%), computers (49%), or tablets (29%). Moreover, such experience made more than 4 in 10 (46%) Canadians feel tracked/followed as well as scared (12%). 

“That’s due to ultrasonic cross-device tracking. That’s when smartphones have apps that are continuously listening to inaudible, high-frequency ultrasonic sounds from the surroundings and gather a lot of information about you — all without your knowledge. Later, they share this data across other devices,” says Adrianus Warmenhoven, a digital privacy expert.

While tracking people’s behavior across devices is beneficial to marketers, cross-device tracking is often questioned by privacy experts because of its lack of transparency, security and protection of sensitive consumers’ data. 

What do our American friends think?

Ultrasonic cross-device tracking — a trending rise 

Ultrasonic cross-device tracking is used as a method to link all the devices you own to track your behavior and location. These ultrasonic audio beacons can be embedded in many things we interact with daily: TV shows, online videos or websites, or apps on our phones.

Imagine you are watching TV and you see  chocolate being advertised. You pick up your phone, and the same chocolate ad appears on your screen. By using ultrasounds, audio beacons can detect when your phone is nearby, and apps on your phone can listen for approximate audio beacons to track what you are doing.

“Many apps currently ask for permission to access the smartphone’s microphone to incorporate a particular type of ultrasonic beacon to track them. Since it requires no mobile data or Wi-Fi connection but only microphone access to listen to beacons, tracking works even when you have disconnected your phone from the Internet.

“It’s not possible to stop ultrasonic beacons from emitting sound frequencies around you. Therefore, the best way to reduce the chance of your smartphone listening for beacons is to simply restrict unnecessary permissions you have granted to the apps installed on your device,” says Adrianus Warmenhoven.

How can you reduce cross-device tracking?

NordVPN research shows that 65% of Canadians don’t know how to restrict their smartphone’s permissions from listening to them. No one likes to be tracked. Therefore, Adrianus Warmenhoven suggest several ways people can reduce the incidence of this happening:

  • Use a VPN. One of the best ways to protect yourself from being tracked is by using a VPN. A VPN is a tool that encrypts every bit of information about your internet activity. It also stops IP-based tracking because it masks your IP address.
     
  • Use a privacy browser. If you want to keep yourself from tracking, it is best to use a private browser like Tor or DuckDuckGo rather than the incognito mode in Google Chrome. These browsers do not profile you or save any of your personal data for sharing with marketers.
     
  • Change app permissions. The apps on your smartphone may have some permissions that are not required. For instance, why would a photo-editing app need access to your microphone? If apps on your phone have such non-required permissions, you should revoke these permissions.

“The consolidation of power among large tech companies allows them to obtain large quantities of data about individuals across multiple platforms and devices. In this way, technology giants have even more opportunities to obtain deeper insights into individuals’ habits and preferences. Data consolidation through cross-device and platform tracking may also increase data security risks,” says Adrianus Warmenhoven. For the Silo, Darija Grobova/NordVPN.

Research: Adult Content, Streaming & Video Hosting Sites Have Most Security Threats

According to research by our friends at NordVPN, one of the leading cybersecurity companies, adult content, streaming, and video hosting sites have the most security and privacy threats, such as malware, intrusive ads, and trackers. Research shows that NordVPN’s Threat Protection feature, whose sole purpose is to protect people from such threats, blocked 344M trackers, 341M intrusive ads, and 506K malware infections in the month of December 2022 alone.

“The online world is challenging people in every single move they make. Want to read an article? Dozens of ads and pop-ups are ready to immediately cover your screen. Another privacy threat – malware – is lurking for you on websites and in files you are about to download. Websites you browse are also full of third-party trackers that analyze your browsing history to find out what you do online. It depends on you to stop it,” says Adrianus Warmenhoven, a cybersecurity advisor at NordVPN.

Adult content sites contain the biggest amount of malware

Malware is malicious software that seeks to damage or compromise a device or data. Malware’s scope varies from relatively harmless to extremely dangerous. Malicious software can track people’s data, steal sensitive information, or even delete it without your consent.

NordVPN research shows that adult content sites (21%), as well as cloud storage providers (14%) and entertainment sites (11%), contain the biggest amount of malware. In December, Threat Protection blocked 60.4K, 40.1K, and 30.9K domains of these categories respectively.

Among the most common types of malware are viruses, spyware, worms, trojans, adware, scareware, ransomware, and fireless malware.

Streaming media sites have the most intrusive ads

Intrusive advertising refers to pushing invasive and irrelevant ads in front of consumers. They irritate users by popping up unexpectedly, blocking the host page, opening new pages and windows, or playing video and audio at inopportune times.

As for intrusive ads, the majority of them were found on streaming (23%), adult content (16%), and online shopping (9%) sites. Threat Protection detected and blocked millions of them: 552M, 389M, and 226M respectively.

“Today, ad blockers are essential for both security because they block ads that can infect people’s devices and privacy because annoying ads rely on collecting data from web activity and violating people’s privacy. Also, if a website is loading slower than usual, you can blame intrusive ads. Free apps filled with unwanted ads could also drain your device’s battery faster,” explains Adrianus Warmenhoven.

image: variety.com

Video hosting sites have the biggest number of trackers

While many trackers are a tool for advertising and improving user experience, they may also become handy for online spies. Internet service providers (ISPs), marketing agencies, social media companies, and governments can access your online actions and breach your privacy.

NordVPN’s Threat Protection showed that video hosting sites (22%), cloud storage providers (16.31%), web email (16.25%), and information technology sites (12%) have the most trackers. Video hosting sites alone had 239 billion trackers blocked by Threat Protection in December 2022.

It’s worth adding that earlier NordVPN research showed that the average number of trackers per website is highest in Hong Kong (45.4 trackers), Singapore (33.5), the United States (23.1), and Australia (18.6).

“You can become less trackable online by declining third party cookies, because the website can sell your browsing data to third parties; using a VPN, which will hide your real IP address and location; installing a tracker blocker, which will stop your browsers from collecting information about you; and using privacy browsers, which can obfuscate your browser fingerprint, or ditching Google, which tracks a lot of data about you,” says Adrianus Warmenhoven.

Threat Protection scans your files before you download them, identifies threats, and blocks them before they can harm your device. The feature is free with every NordVPN subscription – and it allows you to go online without leaving a trace, protecting your privacy and improving your digital security.

Methodology: The statistics mentioned above were acquired by analyzing aggregated data gathered by the NordVPN’s Threat Protection service in January 2023. No identifiable user information was collected, reviewed, or otherwise involved when the research and compiled results were conducted.