NCC Reveals Two Ways Hackers Now Use To Steal Information From Phones

The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has shared two ‘new’ ways hackers now use to get access to peoples’ information.

Having identified the criminal methods, the commission also listed measures to be taken by citizens to get protected from the cyber-attacks.

The first method according to CSIRT is called Juice Jacking. This method, Naija News understands has to do with the hackers gaining access to consumers’ devices when charging mobile phones at public charging stations.

The method according to the commission is not limited to any phone, it is applicable to all mobile devices.

The second cyber attack method has to do with Facebook for Android Friend Acceptance Vulnerability, which targets only Android Operating System.

Naija News understands that the CSIRT disclosed these in its first-ever security advisories less than three months after its creation.

According to the CSIRT security Advisory 0001 released on January 26, 2022, with Juice Jacking, attackers have found a new way to gain unauthorized access to unsuspecting mobile phone users’ devices when they charge their mobile phones at public charging stations.

It has been observed that many public spaces, restaurants, malls, educational institutions and even public trains now offer complementary services to their customers in a bid to enhance customer services, one of which is providing charging ports or sockets.

While doing this is commendable, cyber attackers are now seizing the opportunities to load a payload in the charging station or on the cables they would leave plugged in at the stations.

Once unsuspecting persons plug their phones at the charging station or the cable left by the attacker, the payload is automatically downloaded on the victims’ phone, CSIRT revealed.

This payload according to the findings, gives the attacker remote access to the mobile phone, allowing them to monitor data transmitted as text, or audio using the microphone.

Also, the attacker after achieving this can go on to watch the victim in real-time if the victims’ camera is not covered.

The attacker is also given full access to the gallery and also to the phone’s Global Positioning System (GPS) location, Naija News understands.

When an attacker gains access to a user’s Mobile phone, he gets remote access to the User’s phone which leads to breaches in Confidentiality, Violation of Data Integrity and bypass of Authentication Mechanisms. Symptoms of attack may include a sudden spike in battery consumption, devices operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage.

Providing solutions to these vulnerabilities, the NCC-CSIRT advises citizens to only allow using ‘charging only USB cable’ on their devices to avoid Universal Serial Bus (USB) data connection; using one’s AC charging adaptor in public space, and not granting trust to portable devices prompt for USB data connection.

Other preventive measures against Juice Jacking include installing Antivirus and updating them to the latest definitions always; keeping mobile devices up to date with the latest patches; using one’s own power bank; keeping the mobile phone off when charging in public places; as well as ensuring use of one’s own charger if one must charge in public.

On the other hand, the NCC-CSIRT Advisory 0001 of January 27, 2022, warns that Facebook for Android is vulnerable to a permission issue that gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone. The products affected include Versions 329.0.0.29.120 of Android OS.

With this, the attacker will be able to add the victim as a friend and collect personal information of the victim, such as Email, Date of Birth, Check-ins, Mobile phone number, Address, Pictures and other information that the victim may have shared, which would only be visible to his/her friends.

On this note, the NCC-CSIRT admonished in the security advisory that users should disable the feature from their device’s lock screen notification settings.

Doing this will protect them from the Facebook-associated vulnerability, Naija News reports.