What is juice jacking?
Juice jacking is a cyberattack where a public USB charging port is used to steal data or install malware on a device. Juice jacking attacks allow hackers to steal users’ passwords, credit card information, addresses, names, and other data. Attackers can also install malware to track keystrokes, show ads, or add devices to a botnet.
The term “juice jacking” was coined in 2011 by investigative journalist Brian Krebs after he conducted a proof-of-concept attack at DEFCON.
A juice jacking attack can happen in any public place with portable wall chargers or public USB charging stations, like shopping centers, hotels, or cafes.
Hackers infect the USB port or the charging cable before the user connects. Once your phone is connected and charging, the attacker can upload malware to your device, initiate data transfers, or monitor your keystrokes. Let’s look at how juice jacking attacks work in more detail.
How juice jacking works
Juice jacking exploits a device’s vulnerability when it’s connected to a public charging station. Most attacks target mobile devices, such as Android and iOS phones. Older Android versions are particularly susceptible to juice jacking attacks.
When you charge your phone by connecting it to your laptop’s USB port, you can also transfer data between the two devices. That’s because USB ports are not just power sockets: they have multiple pins, but only one is needed to charge your device. Two of the other pins are used for data transfers.
When a user connects their device to a USB port to charge, they make it possible to move data between devices. Hackers use this USB connection functionality at public charging stations to hack into mobile devices and steal your personal data.
Types of juice jacking
Several types of juice jacking attacks exist, with differences between each attack method. Here are the four main juice jacking types:
Data theft juice jacking is when a hacker steals data from your device while you’re charging your phone using a USB port.
The process is typically fully automated, so you probably won’t see a suspicious-looking character lurking nearby and waiting to transfer your personal data onto their device. Hackers often use crawlers to search your device for personally identifiable information (PII), banking details, or account passwords.
They may also use malicious apps to clone all your mobile device’s data to another phone. This method includes using additional hardware (e.g., a Mac or Windows computer) as an intermediary. After cloning your data, cybercriminals can harm you in many ways, from identity theft and impersonation to financial damage.
Cybercriminals may also use juice jacking to install malware or viruses on connected devices (e.g., adware, ransomware, spyware, or trojans).
Each malware type can be used by hackers in different ways. For example, ransomware may encrypt your files so that the criminals can ask for ransom, while spyware allows hackers to monitor and track your activity over a longer period.
Cybercriminals may also use malware to steal personal information and gather data like social media interactions, photos, or call logs.
Many of today’s malicious software is designed to be indetectable, so a user may never realize they have malware on their device.
A multi-device juice jacking attack also infects your device with malware. However, on top of infecting your mobile phone, it’s designed to continue spreading malware without hackers having to do anything. Once your device is infected, it becomes a carrier designed to infect other USB ports.
Multi-device attacks allow cybercriminals to scale up their attacks and infect multiple devices simultaneously.
A disabling juice jacking attack locks the device owner out of their device, giving full access and control to the hacker.
When the phone is connected to the infected USB cable, the attacker loads malware onto the device, disabling it so the user can’t access it anymore. They won’t be able to do anything even if they notice suspicious activity on their phone.
Where juice jacking attacks can occur
Juice jacking can happen in any public place that provides USB charging stations, including:
- Hotels and hostels.
- Charging kiosks.
- Coffee shops.
- Train stations.
You may think that hackers only target places offering a free charge, but that’s not always the case. Even the public charging stations that you typically have to pay for may have malware installed.
Detecting juice jacking attacks
Juice jacking attacks can be difficult to detect. If your device has already been compromised, you may notice some suspicious activity – but that won’t always be the case.
For example, you may notice something you don’t recognize on your phone — like purchases you didn’t make or calls that look suspicious.
Your phone may also start working unusually slowly, or feel hotter than usual. Chances are, you may have picked up malware. For a full list of signs to watch out for, check out this article on how to know if your phone is hacked.
How do I know if a charging station is safe?
Knowing if a charging station has been tampered with is relatively difficult. Most cybercriminals that carry out juice jacking attacks will ensure that it isn’t obvious that a charging station is unsafe.
Because there are no foolproof signs that a charging station isn’t safe, it’s best to avoid public charging stations altogether. Use electrical outlets instead to keep your data safe.
Can juice jacking happen with wireless charging?
Juice jacking typically happens when you connect and charge your device using a USB cable. Therefore, if you’re using wireless charging, you’re unlikely to become a victim of a juice jacking attack.
It’s worth noting that wireless charging stations may present other cybersecurity threats, such as data theft through NFC technology. However, for this type of attack to work, you would need to grant access to your device, so it is unlikely that a wireless charger could lead to someone stealing your data.
How to prevent juice jacking
Juice jacking can have severe consequences. The good news is that you can protect your data and avoid juice jacking attacks in several ways.
Because these attacks can only happen when charging at a public charging station through a USB port, the best thing you can do is not use them. Here are a few other tips for keeping your phone’s data safe.
Get a power bank
Power banks are a safe and convenient way to charge your device on the go. Getting a portable power bank means that you’ll never have to use public charging stations where juice jacking attacks occur. Always ensure your power bank is fully charged so you can use it on the go.
Use a USB data blocker
A USB data blocker is a device that protects your phone from juice jacking when you’re using a public charging station. It plugs into the charging port on your phone and acts as a shield between the public charging station’s cord and your device.
USB data blockers (also known as “USB condoms”) work by blocking data transfer through a charging cable. When you’re using a USB data blocker, hackers have no way to load malware onto your device or steal your data.
Use a power socket instead
Juice jacking attacks only happen when you’re connected to a USB charger. If you absolutely need to charge your phone in public, avoid the risk of infected cables and USB ports and use a power outlet. This is typically a safe way to charge your mobile device and other devices in public.
What to do if you’ve fallen victim to a juice jacking attack
If your phone has started acting weird and you think it has been infected, follow these steps to remove malware from your Android or iPhone device. Essentially, you’ll want to back up all your data, wipe your phone, then use your backup to get all of your data back.
It’s also important to change any potentially compromised passwords. Use another secure device to do so as soon as you can.