Juice Jacking: An Emerging Security Threat

Endpoint protection is becoming increasing important – here’s why

A public USB port is a lifesaver when your mobile phone is out of juice. A free charging station is also a security threat to your smart devices. An attack known as juice jacking is making waves by targeting travellers at airports and basically anyone using public kiosks.

If you or yours frequently use mobile charging ports in Johannesburg, you definitely need to understand what this threat is all about.

What is juice jacking?

Juice jacking uses an infected cable or a charging port to upload malware onto a device or access data from it.

When you charge your phone through your laptop’s USB port, you also activate the option to transfer files between the two devices. Of the five pins in a USB connector, one allows you to charge your cellphone while two pins are generally used for data transfer.

If you’re an iPhone user, your device automatically turns on USB restricted mode to prevent data transfer while allowing charging. However, this mode is also extremely easy to hack.

If your phone comes with Android 6.0 or later versions, you know file transfer is disabled by default when a cable is connected to your device. This default is missing on older Android phones.

When you use a comprised public kiosk in Johannesburg, the information on your device can be downloaded or retrieved by juice jackers. In fact, immediately upon charging, either data can be stolen from your device or malware dropped on your device. Let’s look at how each mechanism works, and how secure data when charging.

How do juice jackers steal data from your phone?

Unmonitored ports at airports, restaurants and hotels can be tampered with. In a data theft, juice jackers can steal any or all data from the device connected to a compromised USB charging port.

This data theft is automated. The juice jacker infects an unsecured kiosk with malware, and drops what is known as a payload that retrieves information from connected devices. A payload is the component of a computer virus that executes the intended malicious activity, such as sending offensive messages stealing data, profit from data leak, destroying data or delivering spam emails through the victim’s account.

There are many ‘tools of the trade’ so to speak, including crawlers that can retrieve your personal information from your phone, and apps that can clone all your phone’s data to another phone with a computer serving as a middleman. Besides accessing your email id, contact details, videos and photos, juice jackers can take screenshots every few seconds!

Juice jackers are not looking to steal data from previously identified people, but hope to steal the personal information we store in our phones, and sell this data on the dark web.

What kind of malware do juice jackers install on your phone?

A hacked USB connection can also serve as a pathway to install malware on your device. The malware can, over time, gather a variety of data, from your call logs and GPS locations to your photos and online purchases.

Juice jackers can install adware that displays advertisements on your device screen without your express permission to generate revenue. While this is annoying rather than strictly harmful, malware can take the form of ransomware that encrypt your files in exchange for a ransom, spyware that monitors you for as long as it remains undetected, and Trojans that create a backdoor on your device to give malicious users access to your system.

With malware becoming more and more sophisticated, your device may remain infected for a long time without your knowledge. If your battery drains very quickly, ads pop up in browsers, or strange new apps that you didn’t download show up on your main screen, there is a good possibility that your device is infected with malware.

Public USB ports can be breached as easily as ATMs. Just like scammers put illegal card-reading devices or skimmers in ATMs to steak debit card numbers, they can also replace public USB ports with their own malicious hardware. If juice jackers can gain physical access to the charging outlet, they can also modify the outlet quite easily.

So, should you give up the convenience of public charging kiosks?

Phone charging tips such as ensuring battery levels of 100% or powering down your phone may not always be feasible. How can you make the most of mobile charging stations at Johannesburg’s public places and avoid having your personal data stolen?

A USB lock is a good USB hacking and data loss prevention product for the frequent traveller. Reliable juice jacking defense can be as simple as Data Block, a lightweight USB juice jacking charger that prevents the transfer of data across devices or from smart devices to firmware.

If you’re a frequent business or leisure traveller, it helps to err on the side of caution given that the transportation industry is the second most-attacked industry. The 2019 IBM X-Force Threat Intelligence Index finds that, since January 2018, over 500 million records from the travel and transportation industry have been stolen or compromised in publicly reported breaches. Juice jacking allows scammers yet another way to launch a variety of cybercrimes. It is best to invest in juice jacking protection well in time before the holiday season arrives.

Leave a Reply