Skip to main content
Cybersecurity StrategiesData Security and Privacy

Beware of Juice Jacking

By July 12, 2022September 19th, 2024No Comments

If you’re stuck somewhere this summer with a dying smartphone battery, you might not hesitate to use the nearest USB charging station.

Not so fast, my friend. Juice-jacking warnings may cause you to reconsider.

Don’t worry we’re not going to steal your juice just your data.  It’s possible that malware could be installed on a USB port or USB cable connected to one of the public charging stations you decide to connect your device into. The attacker may be able to infect your phone with a virus or malware that can follow your keystrokes or even steal your data while it is charging. 

Although juice jacking does not appear to be a common issue, it’s still a good idea to be aware of your risks and options before charging your car at a public charging station.

What is Juice Jacking?

Smartphones, whether they’re iPhones, BlackBerrys, or Android devices, all have one thing in common: the power and data streams flow through the same connection.

This might be problematic. When your phone connects to another device, it forms a trustworthy relationship with that device by pairing with it. That means the gadgets can exchange data. As a result, when charging, the USB wire creates a path into your device that a cybercriminal could attack.

Data transfer is disabled by default on most phones (except on devices running older Android versions), and the connection is only seen on the end that supplies power.

When you plug your phone into your computer, for example, the computer may display a message asking if you trust the device.

The device owner will not be able to see what the USB port is connected to in the case of juice jacking. If someone is checking on the other end when you plug in the phone, they may be able to transfer data between your device and theirs.

Risks to your devices and data from Juice Jacking:

Juice jacking poses a threat to your gadgets and data.  Here are the two dangers to think about.

Theft of Personal Information
When a device is hooked into a public USB port, the port could have been exploited by a cybercriminal, allowing malware to infect the plugged-in device. Someone could potentially take the info on your mobile device as a result of this.

A cybercriminal might then use a crawler application on your device to look for personally identifying information, account credentials, and financial information.

If the culprit can get that data onto their device, they may be able to impersonate you or gain access to your financial accounts.

Installation of Malware
A virus program might be used by cybercriminals to clone your phone data and move it to their own device. Other infections could aid in the collection of information such as your GPS location, transactions, social media interactions, photographs, and phone logs.

Adware, crypto miners, spyware, Trojans, and ransomware are examples of malware. Once one of these varieties of malware has frozen or encrypted your device, the cyber-thief may demand payment to retrieve your data.

TIPS:

  • Use an AC power outlet, not a USB charging station.
  • Take AC and car chargers for your devices when travelling.
  • Consider buying a portable charger for emergencies.

The LA Police Department has warned passengers against using USB AC adapters at airports, hotels, and other locations.

 

While juice jacking is a real security threat, so far there has been little evidence that it has become a widespread problem. Apple and Google have also added safety features to iOS and Android operating systems to help prevent juice jacking.  So make sure you are always updating your phone!

Your best defence against juice jacking is understanding the risks. Keep your device charged at all times, tote a backup power bank, enable any security features on your device provided by the manufacturer, and consider using a USB pass-through device.

If you would like to learn more about cybersecurity and how to protect yourself from juice jacking click here. Schedule your complimentary summer business systems assessment with one of our experienced technicians today!

https://cybersecurityventures.com/juice-jacking-beware-of-rogue-power-sources/

https://us.norton.com/internetsecurity-mobile-what-is-juice-jacking.html

https://www.travelersunited.org/juice-jacking-why-should-you-know-about-it/