Juice Jacking: New Frontiers in Computer Hacking


Juice Jacking: what is it

The expression “juice jacking” refers to a computer hacking technique that involves the manipulation of public USB charging stationssuch as those present in airports, hotels or other public places, to steal user data or install malware on their mobile devices. The term derives from the combination of two English words: juice, which means «juice» or «energy», and jacking which in computer science indicates the action of stealing or taking control of a system.

In practice, cybercriminals install data logging devices on public USB charging terminals, which allow them to access data from users’ mobile devices when they are connected for charging. In some cases, these devices can also be used to install malware on users’ mobile devices, which allows criminals to control their devices or steal personal information, such as passwords and credit card numbers.

Juice Jacking: how to protect yourself

To protect yourself from juice jacking, cybersecurity experts recommend using only your own USB chargers and cables, avoiding using public USB charging stations, and using a wall outlet or portable charger instead. Alternatively, you can use a USB data-blocker adapter that prevents data access while the device is charging.

Juice jacking works similarly to other types of USB-based cyber attacks, such as infecting a computer via an infected USB flash drive. In this case, the attacker uses a malicious USB cable that hides a hacking device, such as a miniaturized computer, so he can steal data or install malware on the victim’s mobile device.

When the victim connects their mobile device to the compromised USB charging station using the malicious USB cable, the hacking device embedded in the cable starts interacting with the victim’s mobile device. For example, it might use hacking software to access data stored on your device, such as photos, text messages, banking details, or login information, or it might install malware that remains hidden on your mobile device and can be used for malicious purposes.
In some cases, the attacker could also use the USB connection to activate features on the victim’s mobile device, such as sending text messages or making calls. However, this type of attack requires a high degree of technical sophistication and knowledge of the specific vulnerabilities of the victim’s mobile device.

For protect yourself from juice jackingIt is important to avoid using public or compromised USB charging stations, use only trusted and verified USB cables, and use up-to-date antivirus software on your mobile device. Additionally, you can use a portable power bank to avoid the risk of juice jacking when you don’t have a reliable electrical outlet.

There aren’t many famous examples of juice jackingbut there have been some cases of similar attacks that used similar techniques. For example:

  • In 2011, public charging stations at San Francisco airports were discovered to be installing malicious USB charging kiosks. These kiosks contained malicious software that stole personal information from users’ mobile devices.
  • In 2016, a hacker used a malicious USB charging station at a security conference in Las Vegas to install malware on a victim’s mobile device.
  • In 2019, the LAPD warned the public to avoid using public USB charging stations due to the risk of juice jacking.

Juice Jacking: the risk

In general, juice jacking is not a common attack because it requires physical access to the compromised USB charging station and the victim’s willingness to use public or unverified charging stations. However, cybersecurity experts continue to stress the importance of being aware of the risk of juice jacking and taking steps to protect your mobile devices.

Cyber ​​attacks like these can seriously harm professionals. However, it is possible to safeguard your data by adopting one Cyber ​​Risk policy. This coverage allows the insured to protect himself from cyber attacks and the resulting expenses and losses of data and confidential information. Furthermore, this coverage provides expert intervention for the recovery of lost data and decontamination from any malware. All these are services included in the Smart version, which has a maximum limit of up to €25 thousand. Lokky also offers its customers the possibility of taking out a Top version of the policy, which provides for an increase in the limit up to €250 thousand and the inclusion of numerous additional guarantees, including a daily allowance for business interruption and coverage of expenses for restoring the company’s image.

latest posts published

Lokky, the Italian data driven insurtech for professionals and SMEs

Lokky, the Italian data driven insurtech for professionals and SMEs

EconomyUp interviews Paolo Tanfoglio and Sauro Mostarda, Co-founder and CEO of Lokky Awarded as 'Best ...
An ally for cyber security: Load Balancing

An ally for cyber security: Load Balancing

Having a fast, high-performance and reliable website is a non-negligible aspect for those who have ...
Business Trend 2023 for SMEs, professionals and commercial activities

Business Trend 2023 for SMEs, professionals and commercial activities

The main trends of 2023 that you will need to consider in your business Digital ...
Occupational risks for pastry shops

Occupational risks for pastry shops

The pastry chef's activity involves the production of confectionery products, from the preparation of the ...
How to read a pay slip

How to read a pay slip

In collaboration with our partner F2Dwe decided to delve deeper into the elements that make ...
What are the most common cyber risks and how to protect yourself

What are the most common cyber risks and how to protect yourself

“Houston, we have a problem."Who doesn't know the words of Jack Swigert, pilot of the ...
Clinical Risk: What it is and What are the consequences

Clinical Risk: What it is and What are the consequences

In recent years, the responsibility of healthcare facilities has increased significantly and with this also ...
Commercial activities most affected by theft

Commercial activities most affected by theft

Theft, shoplifting and armed robberies are a plague for Italian traders. In Europe, Italy is ...
October is European Cyber ​​Security Month

October is European Cyber ​​Security Month

October is the European month dedicated to cybersecurity, a good opportunity to acquire new awareness ...
Estimating cyber risk: importance and difficulties encountered

Estimating cyber risk: importance and difficulties encountered

The biggest challenge regarding cyber security is to estimate cyber risk in a credible, sustainable ...

Leave a Reply

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *