Have you heard about JUICE JACKING ATTACKS?
Running out of battery and being desperate to charge your phone, has happened to us all. And also using public USB ports like the ones in public transportation, has happened to us all. But, have we all been victims to Juice Jacking Attacks or are we all aware of it? Probably not.
Plugging your phone into a public USB port can transfer not only electricity but also personal data and malware – but how?
Juice Jacking Attacks is the infection, by a malicious actor, of a USB port or the cable attached to the port with malware. Any USB port can be infected with malware (including but not limited to the public USB ports in airports, train stations, buses, etc…)
The malicious actor could have access to your phone and download your personal data once you connect your phone to the infected USB port.
How does the Juice Jacking Attack work?
The Juice Jacking Attack is a Man in The Middle Attack in which the malicious actor infects a cable and waits for someone to use it. It’s a successful attack since the same USB that charges your phone is the same one that gives the malicious actor access to your phone. The USB contains 5 pins, one is used for charging and two are used for data transferring. The victim only always thinks about the pin that charges their phone.
There are 4 types of juice-jacking attacks:
- Data Theft Juice Jacking Attack
All the Data on the phone will be automatically transferred to the malicious actor once the phone is connected. Depending on how long the phone will be connected, sometimes the actor can make a full backup (including but not limited to photos, credit card information etc…)
- Malware Virus Infection Juice Jacking Attack
Basically, the attacker infects your device with malware. Once your phone is connected, it will be susceptible to all the harm associated with the malware/virus infection.
- Multi-Device Juice Jacking Attack
It’s the same as the malware virus infection juice hacking attack, with the difference that your phone will become a virus carrier and may infect other devices and/or ports.
- Disabling Juice Jacking Attack
This attack can give full access to the attacker by logging out the victim out of their device.
Now you know what is Juice Jacking Attack is, and you know what are the types of Juice Jacking Attacks, but how to prevent them?
There are 4 ways to prevent Juice Jacking Attack:
- Avoid using public USB ports;
- When using a public USB port you can disable on your phone the option of automatic transfer through cables, lock your device or turn it off while connected to the cable and if you were asked to trust this computer, you just have to deny the permission.
- Use a wall outlet, a USB battery, or a backup battery; or
- Use a USB pass-through device.
Don’t underestimate the Juice Jack Attack, be aware of it, protect your data and keep in mind that any public USB port can be infected!