Many smartphone users connect their device to a computer using USB connection when the battery is running low. Security researchers, however, have warned that this seemingly harmless practice of charging the phone's battery can make the owner vulnerable to hackers.

Researchers from security firm Kaspersky Lab tested several smartphones with different versions of iOS and Android OS to know what data are externally transferred while the devices are connected to a Mac or PC.

The researchers found that by using just a micro USB cable and PC, they can install a third-party application into the phone in just a matter of 3 minutes and this app can access the phone's private data.

Among the private information that are leaked to the laptop the phone is connected to while charging include the device's name, serial number, manufacturer and device type.

Kaspersky Lab researcher Alexey Komarov explained that USB ports are designed to provide both charging capabilities and data transfer, so a mobile device that connects to a USB port "attempts a handshake" with the computer, during which some data can be transmitted.

This means that smartphones that are plugged via USB in computers that are connected to a public networks, such as those in cafes and airports, can put user data at risk of being hacked.

Kaspersky said this poses a security threat albeit indirectly as smartphones can serve as a unique identifier for anyone interested in collecting such data for possible use in the future.

"If you're a decision-maker in a big company, you could easily become the target of professional hackers," Komarov said. "And you don't even have to be highly-skilled in order to perform such attacks, all the information you need can easily be found on the Internet."

The security firm, however, noted that there would not be a problem if all the attacker could do was just collect a few unique identifiers.

Kaspersky urged smartphone users to use only trusted charging stations and computers when charging devices; use a password or fingerprint recognition; refrain from unlocking the phone while charging; and use encryption technologies and secure containers to protect the phone's data.

iPhone users, for instance, may also use this security app to check if their device has been hacked.

ⓒ 2021 All rights reserved. Do not reproduce without permission.