FBI says trust no free USB charging in tweet against "Juice Jacking"

"To juice up for free or keep your money" – a modern conundrum.
Amal Jos Chacko
hooded person on phone
Be wary of the hackers


Picture this: You are in an airport lounge en route to a destination you’ve wanted to visit – a much-needed and deserved holiday. The tasteful music playing in your ears is suddenly interrupted by a chime indicating a low charge on your phone. Your eyes scan around and spot an innocent-looking USB port on a kiosk flanked by a charging sign. There is even a cable neatly coiled next to it. Should you go for it? 

You probably shouldn’t. And it’s not just kiosks. USB ports on trains, buses, restaurants, or any public place, in general, shouldn’t be trusted. 

“Juice Jacking” was first showcased at the hacking convention DEF CON in 2011 and continues to be a menace, largely due to its inconspicuous nature. 

The FBI has recently warned people of its dangers. “Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices,” said FBI Denver in an official tweet.

Compared to gaining a charged battery, you stand to lose much more. Your device could be infected by crypto miners that drain your battery to earn hackers some pennies, or worse; your bank accounts could be emptied. These malicious actors could also install malware on your device that tracks your movements through GPS and online purchases and even listen in on your calls.

How does “Juice Jacking” work?

Modern USB ports contain several “pins” that facilitate charging and data transfer. Once plugged into the rogue USB port, hackers can commandeer these pins and access your files or infect your device with malware. It should be noted that modern devices tend to disable data sharing over USB by default.

How can we prevent it?

To put it simply, avoid free charging and USB stations. Or, if you have to, use a power-only USB cable. Relying on a cable left behind could even total your device. Also worth considering is a “USB condom” – a device that masks the data transfer pins on your cable. Portable battery banks and external chargers with built-in batteries are convenient alternatives. 

You could also turn your phone off while it charges. No reel of the cutest cat ever is worth compromising your data and security.

But the absolute safest is the good old AC charger and your own cable. Perhaps not all modern problems need modern solutions.

Add Interesting Engineering to your Google News feed.
Add Interesting Engineering to your Google News feed.
message circleSHOW COMMENT (1)chevron
Job Board