Juice Jacking

Juice jacking is a cyberattack wherein malicious actors install malware or steal data from devices connected to public charging ports in airports, coffee shops, or other public areas.

Juice jacking is a cyberattack wherein malicious actors install malware or steal data from devices connected to public charging ports in airports, coffee shops, or other public areas. When attackers use juice jacking, they exploit USB data transfer features of charging cables to gain entry and commit this act of fraud against victims’ devices.

2023 Global Mobile Threat Report

How Does A Juice Jacking Attack Work?

Here is an overview of how a juice jacking attack works:

  1. Luring Victims: Cybercriminals lure unsuspecting users in with baited charging stations that look very similar to legitimate ones, making it hard for users to distinguish them. This tactic allows cybercriminals to target unsuspecting victims.
  2. USB Data Transfer: USB cables were made to provide charging and transfer data between devices. Except on older Android devices, data transfer mode will be turned off by default unless you change your settings. In the case of a juice jack, the connection is visible only on the end, providing the power. When you plug one into an available port, a data connection is made between your host device and the plugged one, beginning a juice jacking attack on its host device. Thus, whenever a user plugs into a USB port to charge their device, they also open a path for transferring data between devices.
  3. Data Access and Malware Injection: Once connected, a compromised charging station could gain access to your device’s data through the USB data transfer feature, which could allow attackers to gain entry and install malicious software that gives them access to personal information, files, or even control over it.
  4. Data Exfiltration: Cybercriminals can use attacks against mobile devices to gain access to sensitive information on them, including photos, contacts, emails, and passwords that could be used for identity theft or financial fraud purposes. This data could then be exploited for various forms of damage.
  5. Malware Installation: When an attacker gains access to your device, they may install malware or malicious software that allows them to monitor your activities, steal additional data, or compromise security. This threat could enable them to monitor you as you use your phone or computer and access data, providing them an advantage against security threats such as phishing or ransomware attacks.
  6. Concealment: Once an attack has occurred, its perpetrator removes any trace of their presence, making it hard for victims to identify that they’ve been compromised.

Different Types of Juice Jacking

Two ways that juice jacking can work are:

  • Data theft: The connected device’s data is stolen during charging. Cybercriminals can use malware to breach an unprotected kiosk and then deliver an extra payload that steals data from the connected devices. Crawlers can scan your phone for Personally Identifiable Information, account credentials, or banking data in seconds. Many malicious apps can copy all the data from one phone to another, using Windows or Mac computers as intermediaries. 
  • Malware Installation: The malware is installed on the device when connected using the same USB port. The malware stays on the device until the user detects and removes it. Data theft may not be the goal this time, but it is often used to support other criminal activity. The threat actor would not steal the data using malware on a device but somewhat over time. Hackers could then collect more data in this way. Examples of data collected include GPS location, purchase history, interactions on social media, photos, phone logs, and many other processes. Some malware is designed to be hidden, and users may not even know they’re infected.  If there is no evidence of infection, prevention becomes even more crucial.

How To Avoid Juice Jacking

  • Carry Your Charger Adapter and Cable: Use your adapter and cable rather than public charging ports.
  • Utilize a portable battery pack: If you prefer charging your device without connecting to public charging ports, consider investing in a portable battery pack to power it up.
  • Consider Using a USB Data Blocker: A USB data blocker is a small device designed to sit between your charging cable and the USB port at public charging stations and prevent data transfer while still permitting charging.
  • Switch Off Your Device: When charging at public charging ports, switch your device off to prevent any data transfer between it and its battery while charging. Powering down your device will protect against accidental transference during charging and help safeguard against the data transfer.
  • Choose a Reputable Charging Station: When it comes to public charging stations, choose those from trusted sources, like hotels, airports, or coffee shops that take precautions against potential security threats for their customers.

Taking these precautions can significantly lower the risk of juice jacking attacks.

Related Content

Receive Zimperium proprietary research notes and vulnerability bulletins in your inbox

Get started with Zimperium today