Juice jacking is a malicious act of using the lure of a charging station to transfer data, malware, or other malicious code to someone’s smartphone.
A USB cable is designed to convey both electricity and data. By plugging into USB charging stations in airports, hotels and elsewhere, you would expect that only power would be transferred into your device.
However, a malicious station could be set up where the USB connection is configured to allow for both data and power to be transferred. That means, anytime a user connects to a USB port for a charge, they could also be opening a pathway to move data between devices.
This opens up the opportunity for a hacker to transfer malware to your device that could either steal your data or install malware, such as ransomware, onto your device.
Here are some best practices for avoiding juice jacking attacks:
• Don’t use public charging stations that offer USB ports.
• Use your own AC charging adaptor and your own cables to plug into electrical outlets.
• Carry a power bank so you don’t have to rely on power sources of opportunity.
• Use a USB data blocker dongle, which is a product that disables data transfer for USB cables.