Smartphones and tablets are indispensable today. We can hardly think of even a single day without them. We carry them almost everywhere we go. And that results in the most common problem we face with them. We need to charge them quite often. Sometimes, when we travel, we run out of charges, and we go to public charging kiosks to charge them. But how safe is that?
In fact, attackers can take advantage of charging mobile devices from public charging kiosks and perpetrate attacks. Juice jacking is one such example.
What is juice jacking in cyber security, and how is juice jacking done?
We often charge our mobile devices with a USB charger. And, sometimes, the same cable is used for data connection also. And, that results in another vulnerability that attackers can exploit to invade privacy and steal sensitive data from the device.
In 2011, Brian Krebs first reported on this attack. He suggested that attackers can set up a rogue public charging kiosk and hide a small computer inside it. As a result, when a smartphone or tablet is plugged into it using a normal USB cable, the hidden computer can inject malicious code or steal sensitive information like the contact list, emails, or other data stored in the device.
How to prevent juice jacking?
Smartphone vendors are already taking steps to prevent this attack. For example, Apple iOS nowadays no longer allows the device to be automatically mounted. They have also released various security patches to fight the vulnerability.
Android devices also prompt the user before mounting the device as a hard drive when the device is plugged in over USB.
And we can always take a few steps to protect ourselves from juice jacking.
- If you are using a public charging kiosk, use the power cord that directly plugs into a regular electrical outlet.
- Power off your device before charging it into a public charging kiosk.
- You can also use “Juice Jack Defender” to charge your mobile devices. These are small USB pass-through devices that enable the charging of mobile devices but block the data transfer capability using that cord.
Is my device vulnerable to juice jacking?
To know whether a device is vulnerable to juice jacking, plug the device into a computer using a normal USB charger. If it mounts …
0 Comments