Using a public USB port to charge your phone is quite convenient, especially when you’re travelling. You don’t need to worry about always keeping an adapter at your disposal or keeping the right kind of adapter. In fact, a lot of public places like airports and malls have charging kiosks where users simply need to plug the already-provided cables to juice up their phones. But as convenient as it is, there might be a risk associated with charging your phones via public USB ports and it’s known as ‘Juice Jacking’.
So, what exactly is Juice Jacking?
Although the name itself is pretty suggestive, let’s understand what juice jacking is. In simple words, juice jacking is defined as the process of hijacking a phone while it’s being juiced up. The term was first coined by Brian Krebs in 2011. The Juice Jacking attack involves cybercriminals loading malware on these public charging stations so that they can infect phones and other gadgets of unsuspecting users looking to quickly juice up their gadgets.
Since the same cable that we use to charge our phones are used to transfer data, security researchers figured that the seemingly harmless act of juicing up could also be used by criminals to conduct malicious activities. Ever since this security concern has been discovered, we’ve seen several proofs-of-concept on how this could work out. Amongst the most notable was Mactans that could deploy malware on iOS devices via malicious chargers.
There are two major ways juice jacking could affect your phone. The first is data theft which can be carried out while the phone is charging via the malicious USB port. The second is by injecting malware on your phone which would then stay until detected and removed by the user.
Think twice before you plug in your phone at charging stations. Malware could find a way in and infect your phone, giving hackers a way to steal your passwords and export your data.#SBI #Malware #CyberAttack #CustomerAwareness #Cybercrime #SafeBanking #JuiceJacking pic.twitter.com/xzSMNNNv4U
— State Bank of India (@TheOfficialSBI) December 7, 2019
Should you be worried? What are countermeasures one can adopt to prevent Juice Jacking?
While Juice Jacking is a real threat, there have barely been any cases where this was carried out in the public. Smartphones have also improved over the years in terms of security and there are plenty of tools (like pop-ups that aware users if data is being transferred) available that can be used to prevent such exploits. But since this is an actual threat, it’s better to be safe than sorry.
For starters, don’t use a public USB port or charging cable. Always carry your own charging adapter and cable whenever you’re travelling. This should save you from being at the disposal of public charging stations. Secondly, it’s sensible to invest in a power bank that can be used in situations where it’s difficult to find an empty wall socket, or even a wall socket. But if you still insist on charging your phone via a USB port, it’s recommended to purchase “USB condoms”. As the name might suggest, they add a layer of protection between your phone and the charging port. These “condoms” don’t have the pins (a USB port has 5 pins that serve different functions) that are responsible for data transfer and hence make sure that no unauthorized data transfer takes place.