What is juice jacking, and why is it dangerous?

Smartphones help us complete various work and personal tasks, and, depending on our usage, we may need to recharge them several times a day. But when your charger is unavailable and you need power for your phone, charging at public kiosks can seem like a good substitute. Here’s one good reason why you shouldn’t plug a public USB charger into your phone: doing so can make you a victim of a cyberattack called juice jacking.

What is juice jacking?

While newer phones can be charged wirelessly, older models still need power cords to power up their batteries. This charging method has one dangerous flaw: the cable used for charging can also be used for transferring data. Cybercriminals can exploit this flaw to commit juice jacking, or the act of using the USB data/power cable to illegitimately access phone data and/or inject malicious code into a device.

Juice jacking often happens at public charging kiosks. When you charge your phone, it is paired with a computer concealed within the charging stand. The computer can then access all of the information on your device, including personal data such as your address book, notes, photos, music, SMS database, and keyboard cache. It can even initiate a full backup of your phone, which can be accessed by the hacker wirelessly anytime.

Apart from stealing your data, cybercriminals can also inject malware into your phone through a public USB hub. All it takes is a minute of being plugged into a public charger for your phone to be infected by malware. Once infected, your phone can be prompted to display ads, download apps, or view web pages without your authorization.

How to avoid juice jacking

The most effective precaution against juice jacking is simply not charging your phone using a third-party system. Here are some tips to help you avoid using a public kiosk charger:

  • Keep your battery full. Make it a habit to charge your phone at home or at the office when you are not actively using it. When unexpected circumstances happen and you get stuck outside, your phone will have enough juice and you won’t need to charge it.
  • Carry a personal charger. External batteries like power banks have become very small and portable in recent years. Always have one in your bag so you can charge your phone securely on the go.
  • If your device has a removable battery, carry a backup battery with you anywhere. If the idea of carrying a spare battery doesn’t appeal to you, you can opt to carry a battery case instead: it’s a phone case that doubles as a battery.
  • Lock your phone. Without the proper PIN code or fingerprint and face ID scan, your phone cannot be paired with the hidden computer in the kiosk charger.
  • If you must use a third-party power source, use power-only USB cables. These cables are missing the two wires necessary for data transmission, ensuring that they can only be used for charging.

Technology threats are all around us. Even something as trivial as powering your phone in a public kiosk station can compromise your device’s security. If you want to learn more about how to protect your gadgets from today’s security threats, don’t hesitate to call us. Our technology experts are happy to help.

Published with permission from TechAdvisory.org. Source.


Email is the primary avenue of attack for most cybercriminals, who use it to target individuals and businesses with phishing scams, ransomware attacks, and other cyberthreats. Learn how email security maintains the integrity of your emails, accounts, and data.GET A FREE COPY NOW!
+