FBI Warns Against Using Public USB Ports Due to Malware Risk

Monday April 10, 2023 1:24 pm PDT by Juli Clover

The United States Federal Bureau of Investigation (FBI) last week warned users to stay away from public USB ports due to malware risks. On Twitter, the Denver FBI office (via CNBC) said that public charging stations in hotels, airports, and shopping centers can be a malware attack vector.

lightning connector feature blue
Bad actors have learned to use public USB ports to "introduce malware and monitoring software onto devices," the FBI said. When out in public, users should bring their own charger and USB cord, using an electrical outlet for charging purposes instead of a public USB port.

Apple's iPhones and Macs have a USB security feature that prevents the Lightning port from being used for data transfer purposes when it has been more than an hour since the device was unlocked, but this does not prevent malware installation if you are actively using your device and connect to a public port.

Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead. pic.twitter.com/9T62SYen9T — FBI Denver (@FBIDenver) April 6, 2023

If a public USB port is used to transfer malware to a computer, tablet, or smartphone, hackers can gain access to sensitive data on the device, siphoning usernames and passwords, hijacking email, stealing money from online accounts, and more.

The only way to stay safe is to use your own USB cable to charge in public spaces, which effectively prevents this potential method of attack.

The FBI has a similar warning on its website, noting that people should not use free charging stations. The FBI also warns against using public Wi-Fi for sensitive transactions, opening suspicious documents, using the same password for all accounts, and clicking unsolicited links in text messages and emails.

Tag: FBI

Upcoming

WWDC

June 5–9

Apple's new AR/VR headset is expected to be unveiled, along with iOS 17, macOS 14, and more.

Mac Pro

2023

Apple's most powerful Mac will finally shift to Apple silicon.

Apple Headset

June 2023?

Apple's AR/VR headset is coming soon with eye- and gesture-tracking, dual 4K displays, M-series chips, and more. Here's what we know so far.

iOS 17

June 2023

Next-generation version of iOS, set to be previewed at WWDC 2023 in June with a public release in September.

• iMac

• iPhone 15

• iPhone 15 Pro

See full product calendar

Top Rated Comments

Mousse

8 weeks ago

There is a simple solution. Get a USB cable that only has the power and ground cables. Done and done.

Score: 35 Votes (Like | Disagree)

alexandr

[HEADING=2]FBI Warns Against Using Public USB Ports Due to Malware Risk[/HEADING]
...and asks everyone to use their personal, FBI-certified USB cables which will be shipped out to them in the coming weeks...

Score: 29 Votes (Like | Disagree)

jwdsail

('https://www.macrumors.com/2023/04/10/fbi-malware-public-usb-port-warning/')

The United States Federal Bureau of Investigation (FBI) last week warned users to stay away from public USB ports due to malware risks. On Twitter, the Denver FBI office (via CNBC ('https://www.cnbc.com/2023/04/10/fbi-says-you-shouldnt-use-public-phone-charging-stations.html')) said that public charging stations in hotels, airports, and shopping centers can be a malware attack vector.

Bad actors have learned to use public USB ports to "introduce malware and monitoring software onto devices," the FBI said. When out in public, users should bring their own charger and USB cord, using an electrical outlet for charging purposes instead of a public USB port.

Apple's iPhones and Macs have a USB security feature that prevents the Lightning port from being used for data transfer purposes when it has been more than an hour since the device was unlocked, but this does not prevent malware installation if you are actively using your device and connect to a public port.

[MEDIA=twitter]1643947117650538498[/MEDIA]

If a public USB port is used to transfer malware to a computer, tablet, or smartphone, hackers can gain access to sensitive data on the device, siphoning usernames and passwords, hijacking email, stealing money from online accounts, and more.

The only way to stay safe is to use your own USB cable to charge in public spaces, which effectively prevents this potential method of attack.

The FBI has a similar warning ('https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety/on-the-internet') on its website, noting that people should not use free charging stations. The FBI also warns against using public Wi-Fi for sensitive transactions, opening suspicious documents, using the same password for all accounts, and clicking unsolicited links in text messages and emails.

Article Link: FBI Warns Against Using Public USB Ports Due to Malware Risk ('https://www.macrumors.com/2023/04/10/fbi-malware-public-usb-port-warning/')

I feel like this is something that's been known in tech circles for years..

I've been trying to explain this to my customers, family, and friends for years now..

Maybe they'll actually pay attention to this?

Probably not, but it can't hurt.

Score: 27 Votes (Like | Disagree)

Mebsat

There are dongles for this. Maybe don't buy the cheapest one, lol.

Here's an example (not an endorsement):
https://www.amazon.com/PortaPow-3rd-Data-Blocker-Pack/dp/B00T0DW3F8

Score: 22 Votes (Like | Disagree)

Havalo

FBI giving advice, the irony is strong here.

Score: 21 Votes (Like | Disagree)

EmotionalSnow

Let's call this FBI derangement syndrome (FDS) since you chose to make this political even though it really did not have to be.

Score: 18 Votes (Like | Disagree)

Read All Comments

FBI Warns Against Using Public USB Ports Due to Malware Risk

Top Rated Comments

Popular Stories

Brazilian Electronics Company Revives Long-Running iPhone Trademark Dispute

Next Article

Guides

Upcoming

Other Stories