Blog>Articles>Safety>What is Juice Jacking? Dangers of Using Public USB Ports
  • 10419
  • 0
Safety

What is Juice Jacking? Dangers of Using Public USB Ports

Michelle Wilson - October 27, 2021

what is juice jacking - dangers of using public usb ports

It’s hard to imagine life without our smartphones. After all, we’re dependent on them for so many things. Just imagine trying to drive somewhere new without using a GPS app on your phone. Or what if, instead of taking a wallet with you everywhere, you use a digital wallet on your phone? How would you pay for groceries if your phone was dead?

Given how much we depend on our phones for everyday things, it’s no surprise that when the bars on our phones start to get low, we begin to get anxious. And when that anxiety sets in, we’ll likely do anything to recharge our phone. Fortunately, many places, such as airports, and malls, offer USB ports so that you can recharge your phone. This allows you to continue sharing a post on social media or finish downloading directions to your next destination. While this may seem like a lifesaver, it does come with its share of risks. More specifically, using a public USB ports puts you at risk for juice jacking.

What is Juice Jacking and How Does it Work?

what is juice jacking and how does it work

A standard USB port conveys both electricity and data. As such, cybercriminals are able to modify USB ports so that they can deliver malware to any device that connects to them.

Juice jacking first entered the public consciousness at DefCon in 2011 through a public charging kiosk set up by researchers from Aires Security. The kiosk screen announced that people could charge their phones for free. However, when users plugged in their devices, they received a message on their screens that warned them about the possibility of receiving a malware payload from free public charging stations.

In 2012, security researcher Kyle Osborn gave details about an attack called Phone to Phone Android Debug Bridge (P2P-ADB), which utilized USB OTG (on-the-go) features. Essentially, the attack used a cable called the Kos Cable, which enabled one Android phone to attack another Android phone through USB. The attack resulted in the victim’s phone getting unlocked so that the criminal could steal the authentication keys that gave access to their Google account.

At the Black Hat conference in 2013, Georgia Tech researchers showed how they could use electronics to fit into a USB wall charger or AC adapter and deliver iOS malware in 80 seconds. The victim’s iOS device showed no signs of being tampered with. Therefore, the victim would remain unaware that anything was wrong. Then when they opened Facebook, this would cause a Trojan to launch.

In 2015, Samy Kamkar, a security researcher, introduced an Arduino-based USB AC adaptor named KeySweeper. KeySweeper captured, decrypted, and recorded all keystrokes from any Microsoft wireless keyboard within its range. Then, in 2016, Aries Security showed how they could use a USB charging cable to record and send video footage of a smartphone screen to another monitor. In other words, a cybercriminal could hijack a smartphone’s ability to mirror its displays onto another screen. They called this form of hacking video jacking. This method would result in the theft of any personal or authentication data that appeared on the victim’s screen.

The Los Angeles County District Attorney’s Office recently put out an advisory in November 2019, warning travelers about juice jacking. However, there is little evidence that juice jacking is a widespread problem. This is most likely because Apple and Google have added security features to their operating systems to prevent juice jacking from taking place.

We’ve Given You Some History of Juice Jacking, but How Exactly Does It Work?

Juice jacking works by opening a pathway into your device during the charging process that a cybercriminal can export. This is possible because the power supply and data for a smartphone both pass through the same USB cable. As a result, devices can share information. In most cases, your device will have the data transfer disabled by default. For example, if you plug your phone into your computer, you’ll receive a message asking if you trust the device and allow it to share data with your phone. However, when it comes to juice jacking, you can’t see what your USB port connects your phone to. Therefore, someone can move data between your device and theirs. As a result, your data can be stolen, and they can install malware on your device.

Your Data Can be Stolen

Cybercriminals can copy sensitive data from your device by surreptitiously connecting to your phone through a compromised USB port. In other words, they can gain access to your passwords, pins, credit card information, etc.

Malware Can Be Installed on Your Device

If a cybercriminal compromises a public USB port, they can enable malware to infect your plugged-in device. A malware infection may result in your data being stolen.

A malware infection works by crawling your device to find personal information, account credentials, and financial information. The cybercriminal can then transfer this data onto their own device and use it to steal your money or impersonate you. In some cases, a criminal will leak your social media data online so that anyone can hack your account and impersonate you.

Malware can also be used to freeze or encrypt your phone. The cybercriminal will then demand payment to restore your device.

How to Protect Your Devices from Juice Jacking

how to protect your devices from juice jacking

The existence of juice jacking means that you need to think twice about where you charge your phone. However, although juice jacking sounds scary, there are things you can do to keep yourself safe:

Avoid Public Charging Stations

Public charging stations are convenient, but that doesn’t mean they’re trustworthy. This is why the number one way not to be a victim of juice jacking is to avoid using a public charging station. Seems obvious, right? Well, what do I do in an emergency, you ask? It’s simple, carry a wall charger with you and use it to plug in your USB cable, and then find a wall plug. This is a safe alternative because data can’t transfer between your phone and a regular AC wall outlet. However, if you’re traveling, you’ll need to make sure you have the right wall adapter for the country you’re in.

Buy a Portable Charger

A great way to avoid charging your phone using a public charging station or wall socket is to purchase a portable charger. With a portable charger, you can not only charge on the go, but you can avoid the issue of juice jacking entirely. Furthermore, there are a number of portable charger models that are made small enough to fit in your purse or pocket.

Configure your Devices

To secure your device against juice jacking, you should lock your phone, so it can’t pair with a connected device. Alternatively, or in addition, you should power down your phone before charging it. Another option is to add an app that secures all data transfers and/or enable the “ASK ME” feature for any new connection on your phone. The ASK ME feature will require your device to always ask for your permission before accepting a link to your device. In this way, you have complete control over what devices connect to your phone and prevent juice jacking.

Related Posts

woman using online dating app
Safety
Tinder Search: Everything You Need to Know

Lily Evans - January 30, 2025

chicago skyline view from lincoln park
Safety
Safest State in America: Our Top Five Picks

Richard Grey - September 1, 2024

how to check if a car is stolen 2022 guide
Safety
How to Check if a Car is Stolen in 2025

Michelle Wilson - January 27, 2024

Recent Posts

An upset cheating military spouse sitting on a sofa
Relationships
Cheating Military Spouse: What You Need to...
A couple going through a divorce and arguing in front of a judge.
Relationships
What Is the Divorce Rate in America? What ...
A person holding a phone, reading a text message about winning something. The message includes a fake link, one of the most common examples of spam text messages.
Reverse Phone Lookup
Spam Text Messages Examples: Spot Them Bef...
Image of a wife holding a shirt with a lipstick mark confronting their husband, depicting the concept of percentage of men cheating in a relationship.
Relationships
What Percentage of Men Cheat? The Truth Ab...

Popular Posts

Sorry. No data so far.

Tags

Safety
People Search