The actual term is used to describe the cyber-attack executed by bad actors who have illegally tampered with a USB charging station and have transformed it into a cyber weapon able to gain unauthorized access to data stored on your smart device. The tampering often involves criminals loading malicious software into the stations so they can infect any smart device such as a tablet or a phone that connects to it. The malicious software would then allow the troublemakers to infect your smart device with a virus or get access to sensitive information such as passwords or SSNs stored on your device.
DO not fall for the USB charger scam
Limiting the use of public phone charging stations is the best way to avoid becoming a victim. However, long-lasting phone battery life is often a distant dream for most smartphone users.
And if you don’t feel like carrying an AC unit and a charging cable with you all the time, you might have to install proper cyber defense software on your smart device. One of the best ways to be in peace while charging your smartphone on a public USB charging station is to have antivirus software on your phone or a tablet. Any prestigious antivirus software solution would be able to detect that the USB port you are connected to might be compromised and prevent your device from getting locked by the scammers or export data and passwords directly to them.
rechargING phone battery at public charging stations
Using smartphones extensively on the go has now become a trend and sometimes also necessary if you use them for navigation. As a result, phone batteries get exhausted quickly and need to get recharged even on the go. To meet the increasing requirement, charging points are installed at various public places to help people recharge empty batteries of their phones conveniently.
With the surge in smartphones, along with conventional sockets, use of USB ports is also on the rise even at public charging stations, which are easy to use as there is no need of carrying the adopters of chargers that often don’t fit properly in the conventional sockets.
With the increasing convenience of using USP ports to charge smartphones at public charging stations, things become convenient for fraudsters as well to make bank accounts empty as more and more people now use mobile banking and other payment options through mobiles.
The simplest way to avoid this attack from a consumer standpoint is try to charge using AC plug point or using power wires with no data wires present. However, device manufacturers are also brought device protection mechanisms so that the hard drive does not get mounted without authentication.
Beware of ‘juice jacking’
Cybercriminals are on the prowl to infect your mobile devices such as smartphones and tablet computers and access your personal data, or install malware while you charge them.
Specifically, juice jacking is a cyber attack in which criminals use publicly accessible USB charging ports or cables to install malicious software on your mobile device and/or steal personal data from it.
Even a 60-second power-up can be enough to compromise your phone’s data. This is because USB cables allow the transmission of both power and data streams simultaneously. Victims can be left vulnerable to identity theft, financial fraud, and significant stress.
USB charging stations are a common sight in shopping centers, airports, hotels, fast-food restaurants, and even on public transport. While juice jacking is neither new nor particularly widespread so far, it was recently highlighted by Los Angeles County District Attorney’s Office as a significant threat, especially to travelers who can easily find themselves caught short and in need of a battery boost.
How does it work
First, the attackers tamper with the charging stations or cables in public areas, and install malicious software on them. This software then infects the phones of unsuspecting users who subsequently plug into the tampered charger.
The software can invade, damage or even disable your phone. It can also steal or delete data from your phone and possibly spy on your usage activity, to the extent of transmitting your personal information such as account numbers, usernames, passwords, photos, and emails to the perpetrator.
How TO KNOW I’ve been juice jacked?
Hacked mobile devices will often go undetected. But there are a few telltale signs that your device may have been hacked. These include:
a sudden surge in battery consumption or rapid loss of charge, indicating a malicious app may be running in the background
the device operating slower than usual, or restarting without notice
apps taking a long time to load or frequently crashing
changes to device settings that you did not make
increased or abnormal data usage.
How TO protect YOURself?
The tampering of USB charging stations or USB cables is almost impossible to identify. But there are some simple ways to guard against juice jacking:
- avoid USB power charging stations
- use AC power outlets rather than USB ports
- use a portable battery power bank
- carry your own charging cable and adaptor
- use a data-blocker device such as Sync Stop or Juice-Jack Defender. These devices physically prevent data transfer and only allow power to go through while charging
- use power-only USB cables such as Porta Pow, which don’t pass any data.
And finally, if you must use a charging station, keep your phone locked while doing so. USB ports typically don’t sync data from a phone that is locked. Most mobile phones will ask your permission to give the USB port access to your phone’s data when you plug in. If you’re using an unknown or untrustworthy port, make sure you decline.
WHAT TO DO IN CASE OF JUICE JACKED?
If you suspect you have fallen prey, there are several things you can do to protect your device’s integrity:
monitor your device for unusual activity
delete suspicious apps you don’t recall installing
restore your device to its factory settings
install anti-virus software, such as Avast Antivirus or AVG Antivirus
keep your mobile device’s system software up to date. Developers continually release patches against common types of malware.