Juice Jacking: A Cyber Attack to Steal Your Sensitive Data
What is Juice Jacking:
Juice jacking is a kind of cyber-attack which comes through public charging port such as hotels, airport or at the mall. Hackers usually install malware with these chargers to copy sensitive data from the tablet, laptops, smartphone or another device. So, always think twice before using that random charging cable found at a hotel, airport or any public place. The data security world first heard about the threat of juice jacking at DefCon in 2011.
Juice jacking happens when a user plugs their devices into USB ports or use USB cables that have been logged with malware. When you plug your phone on the same cable, it offers an approach for a malicious user to gain access to your phone during the charging process of your device.
What can we do to stop Juice Jacking?
We can avoid juice jacking by taking some precautions. Some of them are listed below. Please take these precautions according to your convenience.
Keep Your Devices Charged: The most obvious precaution is to keep your mobile device charged. Make it a habit to charge your phone at your home and office when you’re not actively using it or sitting at your desk doing work. It’s better to find your phone with a 2-3% battery bar instead of charging a suspicious place.
Always Carry your Personal Charger: Chargers have become so small and lightweight and they are very easy to carry on with you. Keep a charger in your bag so you can charge your own phone or other devices and keep your data safer.
Carry a Backup Battery if Possible: If your device allows you to physically swap the battery so it’s a good thing to carry a full spare battery or an external reserve battery and you can go longer without needing to charge your phone to a suspicious outlet.
Apart from ensuring your phone maintains a full battery, there are more software techniques you can use (although, these software does not guarantee to keep you safe from these malware attacks). As such, we can’t truly accept any of these techniques as surely effective, but doing something is more effective than doing nothing.
Lock Your Device: When your device is locked, and inaccessible without the input of a PIN or the passcode, your device should not pair with the device it is connected to. iOS devices will only pair when unlocked–but again, as we mentioned earlier, pairing takes place within seconds so you had better make sure the device really is locked.
Power the Phone Down: This technique only works on a phone model basis as some phones will, despite being powered down, still power on the entire USB circuit and allow access to the flash storage in the device.
Keep Device Pairing Disable: Always keep your device pairing option disable so that none of the infected devices couldn’t be paired with your device.
Use “Power Only” USB Cables: It’s possible to hack mobile devices using USB cables too as malware can be implanted in USB cables, so USB cables without data wires should be used. These cables known as “power only” cables, these cables have only two wires for power transmission.