The United States Federal Bureau of Investigation issued a warning urging users to stay away from public USB ports due to potential malware threats. FBI warns travelers and commuters to avoid using public USB charging ports that can often be found in airports, buses, hotels and malls, because these ports can be compromised and altered to spread malware or tracking software upon connecting to them. Besides potential threats of being hacked or tracked, you risk losing your sensitive data to bad actors. What is ‘juice jacking’? Let’s discuss it in a following article.
In a tweet by FBI Denver, the Bureau explained the necessity of being careful on your travels. There’s also a guidance on the FBI website recommending commuters and travelers to bring their own chargers and adapters: “Avoid using free charging stations in airports, hotels or shopping centers,” a tweet from the official FBI account read. “Carry your own charger and USB cord and use an electrical outlet instead.” The Federal Communications Commission issued a similar statement urging users to avoid public charging ports: “Don’t let a free USB charge wind up draining your bank account.”
Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead. pic.twitter.com/9T62SYen9T
— FBI Denver (@FBIDenver) April 6, 2023
What is juice jacking?
Juice jacking is a compromise of mobile devices or tablets/laptops that is performed by installing malware on a device via cable for charging or file transferring. The goal of juice jacking is to secretly install malware or steal sensitive data. Juice jacking attacks target unsuspecting victims who plug their devices into public charging stations in malls, hotels, airports etc. The attacker installs malware onto the charging station, which then infects the victim’s device when it is connected. This allows the attacker to steal sensitive information such as passwords, credit card numbers, and other personal data. Considering that many of us have our bank info and even apps like Google Pay, Apple Pay, Cashapp, PayPal in our mobile devices, losing control to our smartphones can be disastrous. Besides that, bad actors can sell sensitive data including personal information, address, photos and text messages. Any user should think of their smartphone as a credit card or passport and treat it accordingly.
Is it safe to charge your smartphone at an airport? Juice jacking isn’t as widespread today as it might become in the near future, but you should still be cautious when accessing some random USB ports outside your home, especially at crowded places like airports and malls. So, is it safe to charge your smartphone at an airport or at the mall? Unfortunately, it is not safe.
How to find out if my smartphone was compromised?
If you are worried about your device being compromised, look out for a few signs that may imply that your smartphone has been altered, including the battery of your device dying quickly than usual, or if you have noticed the steep overheating while performing light tasks or idle. Also, you may receive inappropriate pop-ups including pornographic images or some bloatware (apps you did not install). You may also experience unusual social network activity, where your accounts are used to send some strange links to your friend list. Make sure to check your data usage, because as a result of juice jacking, your phone can be used to browse certain websites without your consent. Even though this phenomenon is pretty new to cybersecurity experts, these key signs may expose the fact of your phone being hacked.
How to prevent juice jacking?
To prevent juice jacking, it is important to take a few precautions when charging your smartphone or tablet in public spaces. Here’s what you need to do in order to know how to prevent juice jacking:
- Bring your own charger brick for an outlet, including your own USB/Lightning cable when traveling or commuting. Plugging your phone in your own charger directly to an electrical outlet will minimize the risk of getting juice jacked.
- Carry a powerbank, external battery or a portable charger of any sort with you. Powerbanks are extremely convenient to carry around and provide you with up to 6-8 full recharges, depending on a battery capacity. However, powerbanks are a bit heavy and can take a lot of space if their battery capacity is over 15,000 mAh.
- Buy a charging-only cable, which prevents any form of sending or receiving data and is only meant for charging. Unlike the usual USB cables that can charge a smartphone and transfer files simultaneously, charging-only cables can only be used to charge a device, eliminating the unsanctioned process of file transferring.
- Buy a USB data blocker. These adapters are tiny and can fit in any purse. Data blockers are adapters that transform your usual USB cable into a charging-only one. You can pick one of those up at Amazon for as low as $5.99 which is nothing compared to what you can potentially lose if your smartphone ends up getting hacked alongside all of your personal information and banking credentials.
These are the main ways of preventing juice jacking when using public USB ports. We at ZoogVPN recommend our customers to avoid charging ports in public places and instead carry around your own charging brick alongside your own USB cable or a powerbank. If you’re in a dire need of a quick charge for an important phone call, make sure that you have a USB data blocker on you or at least carry your own brick for a wall outlet and a USB cable to avoid any potential threats.
What can you do if your phone is already hacked?
Here’s what you should do if your phone is hacked:
- Reset your phone. The safest way of getting rid of malware is resetting your phone, as it will return your phone to the factory settings. Make sure that you write down all the important information stored on your smartphone (contacts etc.) prior to resetting your phone, as all the information will be wiped out once the reset is done.
- Delete bloatware. You may stumble upon some apps you don’t recognize, since you never installed them. Delete any shady app you never use, as it may be a malware app installed by third-parties without your consent.
- Inform your contacts. Once you realize you’ve been hacked, you should let your friends and family know that your device has been compromised and that they should avoid any links sent to them by you.
- Reset your passwords. This one is pretty self-explanatory. Don’t forget about two-factor authentication on every important app including your mail, banking apps and across your social media accounts.
Don’t forget to notify your operator and your bank that your mobile phone has been compromised, so they can temporarily block your SIM-card, your credit card and void all current transactions while you restore your device.
About us
Hope you found this article useful and know you know how to prevent juice jacking. We at ZoogVPN are a young team of professionals aiming for providing the best possible browsing and streaming experience for our customers at the best price on the market. For a number of years, we’ve been providing extremely secure and reliable VPN service whilst giving an option to have a free VPN without annoying advertisements and bloatware. In case you have any doubts, you can try our free VPN worth 10GB of monthly bandwidth, no credit card necessary. Even our free plan is protected by a military-grade encryption cipher, so you can browse and stream stress-free wherever you are. You can expect decent speeds and a variety of available servers, including London, Washington, Amsterdam, Berlin and Singapore.
If you feel like 10GB is not enough for your streaming appetite, you can always upgrade to our affordable premium plans to avoid censorship and stream content as much as you want. Don’t forget to stay hydrated while using Bings AI chat!
- Arsène MaliceArsène is a Kyiv-based staff writer for ZoogVPN, covering everything tech-related from VPN news and social media trends to cybersport events and geek culture. He’s written for several music magazines, and crypto and tech-oriented websites. He tries to keep his finger on the media’s pulse with varying success. You can catch him djing, playing volleyball, and rage-quitting a ranked game in League of Legends.
