How to protect yourself from juice jacking when charging your devices in public

1 min read
How to protect yourself from juice jacking when charging your devices in public
The photo shows a person walking with a rolling luggage item and two phones plugged into a USB charging wall. (Photo shared by FBI Denver)

We may receive a portion of sales if you purchase a product through a link in this article at no cost to you, though all opinions are our own. For more information, please read our ethics statement. Please note that pricing and availability are subject to change.

The FBI’s recent warning about the potential risks of charging devices at public charging points has raised eyebrows among smartphone and laptop users. The threat is “juice jacking,” and it involves infecting a device with malware via a compromised USB port or cable while charging.

Although the FBI’s warning on Twitter does not provide details about the scale of the risk posed by public charging stations, the threat has been documented. Public charging stations in locations such as airports, shopping malls, and cafes should ideally be avoided as the outlets may be infected with malware.

The danger lies in the fact that when a user connects a device to a USB cable interface, a trusted handshake is established. Without active malware protection software on the device, malware files can be transferred easily for nefarious activities like running adware and exploiting resources for crypto mining, spying, and ransomware.

Malware can do everything from stealing data to tracking keystrokes, thereby enabling bad actors to gain access to sensitive information such as banking credentials. From extracting files stored on a phone or laptop to injecting malware, a plethora of damage can be inflicted.

The current generation of phones and laptops disables data transfer by default, and a prompt appears every time a USB cable is connected, asking whether the connection is for data transfer or charging. It is important to specify that the connection is for charging only to prevent data transfer.

In 2011, researchers created a compromised charging kiosk loaded with malware to raise awareness. A few years later, security experts developed another device called Mactans that could load malware on an iPhone or iPad under the guise of charging it.

The FBI’s warning is not the first of its kind, and in 2019, the County of Los Angeles also issued a warning about juice jacking, alerting citizens that bad actors could deploy infected USB outlets in public places to wreak havoc.

If using a public charging point is unavoidable, here are a few safety measures to keep in mind:

  1. Find an AC wall outlet for charging instead of a kiosk with multiple cables.
  2. Always keep the device locked while charging or powering it off.
  3. Carry a portable charging solution like a power bank (you can find it on Amazon).
  4. Use a USB pass-through device that disables the data transfer pin and only allows for charging.