A few years ago I wrote about the danger of “juice jacking” highlighting the security risks posed by USB charging in public places, where a bad actor could attempt to hack your phone or laptop to steal your precious data or install malware/ransomware.
In most cases, there are no risks at home, but it’s when you charge your device in a public place notably an airport or train station that you could be at risk of hacking. If you’re using an Android phone, there’s an easy way to detect Juice Jacking, and whether something fishy is going on as shown in the screenshots below.
On the left screenshot, I connect my phone to a USB charger, all that changed was the battery icon changed to show it’s charging. But on the right screenshot, I connected my smartphone to my laptop, and since it’s trying to access data, I’m offered three options: transfer photos, transfer files, or charge only.
I suppose you can see where it’s going, as if you can see the right screenshot while charing in a public place that’s only supposed to charge your phone, you’ll know something is not right. I’m using Huawei Prime Y9 2019 running Android 10, but this should be similar with other Android phones. More generally, if you connect a device to a charging pod, and it’s asking you whether it’s OK to transfer photos or files, or access any type of data, something is not quite right. So to avoid juice jacking, you may want to make sure it’s only using the device for charging and inform the person in charge of the location.
Via Ameridroid and DriveSavers
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress
one easy trick is to use charge only cable without data lines connected
That will surely result in 500mA charging current max., if it will even charge.
The newer PortaPow dongles allow 2.4A charging.
I have a PortaPow adapter that converts a USB port into a charging only one. I got it years ago because back then some phones were sniffy about charging from an data port. It stops all those annoying pop ups.
With our both favourite handset mi A2 that screen only shows up when it feels like, sometimes I even cant find this setting in the settings app at all, so in the first case do you trust your Android provider???
I suggest opening Play store and searching ” comodo internet security “. Install the version that suits you. I have been running Comodo beta software, while in testing on my devices, for many years.
I feel this needs one of those trendy exploit pages and logos that are in fashion.. Like a plug from the matrix jacking into a juice box.
I wouldn’t even plug my phone into any public port to be honest
So what if you connect to a cable that for, say, 10 seconds, only exposes the power lines, then suddenly connects the D+/D- lines of a USB hub that exposes storage and a keyboard ? The attacker can then probably scroll through the menus offering the various choices just using arrows, and access the storage to start a script that steals your data, then disconnects before you notice. Just thinking of fun ways to use USB 🙂