The Los Angeles District Attorney urged travelers to avoid public USB power charging stations in hotels, airports, and other public locations. In a security alert published recently, the attorney stated that public charging points may contain dangerous malware that might bring threats to mobile devices.
The LA officials stated that USB connections are designed to work as both data and power transfer mediums without a strong barrier between the two. They also highlighted that attacks can abuse USB connections to hide and deliver secret data payloads, which is referred to as “Juice Jacking” attack.
The Attorney’s warning described many attack vectors that cybercriminals use to abuse USB wall chargers. And the most common way is via “pluggable” USB wall chargers that can be plugged into an AC socket by attackers to leave malware at public charging stations.
The officials also recommended a few security tips for travelers to follow, which include:
- Use an AC power outlet, not a USB charging station
- Take AC and car chargers for your devices when traveling
- Consider buying a portable charger for emergencies
In a similar research, cybersecurity experts stated that using someone else charging cable might bring threats to mobile devices. Attackers could exploit charging cables/cords to access sensitive information from the victim’s mobile.
Hackers could implant Malware into charging cords or cables to hack mobile devices. The USB chargers can be turned into potential hacking devices by inserting a malicious chip that allegedly allows attackers to access a mobile’s data over open Wi-Fi networks. The surprising part here is that the person who’s lending the charger might not be aware that his/her charger is infected.