If you are using USB power charging points in railways, airports and other public places, its time to stop plug your phone. Threat actors modify the USB KisoK to install malware on your phone, this type of attack called the USB charger scam or Juice-jacking.

By having the malware installed on the phone they can access messages, photos, videos, e-mails, locations, notes, contact details, sensitive files, and others perform other activities.


Free USB Charging Points Are Safe?

The USB cables are designed not only to charge the device they also transfer the data. The Free USB charging points are mostly unmaintained so that attackers can easily tamper it.

Los Angles Deputy District Attorney, Luke Sisak said that attackers load malware on the charging KisoK, once users plugged the phone they get infected with the malware.

They also Tweet that” Avoid using public USB charging stations at airports and other locations. Deputy District Attorney Luke Sisak explains how the “juice jacking” scam works “

Caleb Barlow, Vice President of X-Force Threat Intelligence at IBM Security said that “Plugging into a public USB port is kind of like finding a toothbrush on the side of the road and deciding to stick it in your mouth.”

A recent victim of this of type of attack is Amit Kumar Mishra from Delhi, he plugged his phone in USB power charging points at Central Delhi’s Connaught Place.

After plugging in the phone within a few minutes he received a message in his iPhone stated as “Rs 50,000 has been debited from my bank account, though I had not made any such transaction.” He confirms with Indiatoday that he didn’t perform any transaction.

Another victim is Sushmita Purohit who uses charging points at South Delhi’s Khan Market noted that some objectionable content posted on her social media handle.

The complaint has been failed with Delhi police and the police suspect their phones are hacked while using Free USB charging points. “They are two of the many victims of a rising criminal phenomenon known as juice jacking,” said police sources.

How to Stay Safe

  • Carry your charger and plug into an AC outlet for charging or Use Pwerbanks
  • If you are supposed to use USB charging points then switch off the phone and charge
  • Else you can use Juice-Jack Defender which blocks any data passing

Also Read:What is Keylogger? How does it work?

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.