Juice Jacking, now you must be wondering what is it? In other words, it is a USB charger fraud that can play with your phone’s privacy and security: these attacks originate from USBs installed at public places like Airport, Café, Railway Stations, etc. Therefore, if you get into an issue wherein your phone is running low on battery and seeking a connection to plug your charger, be aware that you could also be “juice-jacked”.
It’s not a new threat or a “trojan” which was released recently. The term juice jacking was first coined – more than a decade earlier – in 2011, after researchers developed a charging kiosk to raise awareness about the threat.
Various security agencies, including – the FBI – have published advisory about juice jacking. In India, several banks including State Bank of India or as it is called, SBI also issued a warning notifying the users about juice jacking.
How does it work?
As seen on pendrives, etc, USB ports are widely used for data transfer. When a user connects the charger to the USB port and powers it on – a popup is shown to them which mentions Data Transfer. Data Transfer is usually disabled by default on most phones. Not to forget, it is a two-way process, therefore – if someone can’t access your files (incase Data Transfer is disabled), they may still be able to load malware into your phone.
How risky is Juice Jacking?
Out of all the other circumstances, there are two main dangers which could risk you: the data, privacy and in some cases a control to your phone (or, as it is called cloning).
Data Thievery: If you connect your device to a public USB port, there are high chances that the hacker – on the other side – could access your data and eventually steal it. The stolen data could be photos, videos, messages, etc stored on the phone. It could also contain users’ financial information or other sensitive details which could let hackers steal money from your bank account(s) or impersonate you.
Malware Installation: Cybercriminals can install malware to your phone and clone your phone – this way the criminals can steal your data – GPS location, gallery, call logs and other sensitive information. In some cases, hackers may be having a glance at your screen, monitoring each of the activities and you may not have a hint.
How to be on the safer side?
- Avoid public charging ports.
- Instead of using a USB port to charge your phone, use an electrical wall outlet.
- Carry a power bank to avoid the risk.
- Try switching off the phone before plugging it into charge.
- Update your device frequently on a scheduled basis.