Home > Tech Explained

Avoiding “Juice Jacking” Attacks on Your Phone

By Simon Batt
Avoiding “Juice Jacking” Attacks on Your Phone Featured Image

Being caught out in public with a dead phone battery can be a hassle. Thankfully, some public places (such as airports) have set up charging stations which allow you to give juice to your dying device. Just plug in your charger cable, attach your phone, and you’ll be charging in no time. Convenient, right?

Unfortunately, while convenient for you, it’s also convenient for people with malicious intentions! These charging stations can be compromised in a way that accesses your phone without your permission. From here, it can either transfer malware onto the phone or steal data from it. This is the case of “juice jacking,” and it’s a problem that will keep you from always trusting public charging stations when you see them.

How Does It Work?

juice-jacking-charger

If you’ve ever plugged your phone into a computer using a USB cable, you’ll notice it does two things. First, it’ll charge the battery as if you plugged it into a power outlet. Second, you’ll notice that the phone can share files and folders with the computer. The USB cable, in this scenario, works in two ways, both as a charger and a way to transfer data. This is what makes USB cables particularly attractive, as it can do two jobs at the same time.

When you’re using a legitimate charging station via USB, you’re only using the first feature of USB cables – the charging. However, someone with malicious intent can make additions to the charging station in a way that uses the second feature – the data transfer. They use this untapped potential to either put malicious code onto your phone or drag data off of it. People plug in their phones thinking they’ll only get a battery charge when in reality they’re receiving far worse!

Dodging a Juice Jacking Attack

So now you know what juice jacking is and where it can lurk. Now for the important bit: how do you stop a juice jacking attack from hitting your phone?

Don’t Use Public Chargers

As with most malicious attacks, the absolute best protection you can use is a sense of caution. Never use a charging station that requires a USB connection to charge. If you want to charge your phone on the go, simply use an AC adapter and plug it into a power socket when you find one. Juice jacking can’t work through a power socket, so you’ll have nothing to fear!

If you end up using a public charging station via USB and the phone asks if you want to mount the drive, never do so! Doing so will open up your device for data transfers by the station. Make sure your device doesn’t automatically mount itself when plugged in via USB, either.

juice-jacking-cable

Charge-Only USB Cables

If you really have to use a USB charging station while on the fly, you can use a USB charge-only cable instead. These cables cut out the USB’s ability to transfer data over USB, so any malicious code within charging stations can’t get at your phone. You’ll receive all the benefits of a public charger without any of the risks that are involved alongside it. A good example of a charge-only cable is the PortaPow.

juice-jacking-adapter

USB Converter

You can also get small devices that convert regular USB cables into charge-only ones which have the crude nickname of “USB condom.” The idea is that you plug this into the port, then plug your USB cable into the device itself. The device prevents data from being transferred, so you can charge your phone without having to worry. A good example of such a device is the SyncStop. There’s even a guide on how to make your own!

Personal Chargers

If you want to take matters into your own hands, you can carry around a personal charger or portable battery. When you’re running out of charge, simply plug your phone into one of these and you’ll be back in action in no time. It also comes with the added benefit of not having to frantically hunt for a power point as your phone slowly dies on you!

Juiced Up

With the convenience of being able to use charging stations, there also comes the convenience of manipulating it to steal data or transfer malware to connected devices. Stay away from public charging stations, use a power outlet, get a USB charge-only cable or device, or simply carry around your own charging methods to stop yourself from becoming a target.

Did you trust public charging stations in the past? If so, do you now? Let us know below in the comments.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Simon Batt Avatar
Simon Batt
Simon Batt is a Computer Science graduate with a passion for cybersecurity.

Read next

In 1965, Joe Sutter’s Boeing team began shaping the 747 around a future they thought would belong to supersonic jets, lifting the cockpit onto a hump so the nose could open for cargo once the giant subsonic passenger plane had outlived its brief moment
Vintage keyboard with tactile buttons paired with a modern digital interface on screen.
Apple’s original 1984 Macintosh keyboard had no arrow keys, no function keys, and no numeric pad because Steve Jobs wanted users to reach for the mouse first. Then Apple quietly sold the missing keys as an accessory.
When the SS Great Eastern laid the first working transatlantic telegraph cable in 1866, a message that had taken ten days by steamship suddenly crossed the ocean in minutes, and the financial markets of London and New York were forced, within a single trading week, to invent the modern concept of synchronised global price.
Flat lay of travel essentials including a passport, map, smartphone, and pop camera.
Masahiro Hara and Denso engineers built the QR code in 1994 to help Toyota suppliers scan car parts from any angle, then kept the patent open until phone cameras and a 2020 pandemic turned the factory square into a daily ritual on restaurant tables
In 1965, Mary Allen Wilkes wrote LAP6 for the LINC computer from her parents’ Baltimore home, testing an interactive operating system on a 250-pound machine in the living room and becoming the first known person to use a personal computer at home, twelve years before the Apple II reached buyers
Hands manipulating wires on breadboards for electronic prototyping.
When Grace Hopper wanted to explain a nanosecond to admirals who kept asking why satellites were slow, she handed each of them a piece of wire 11.8 inches long, the exact distance light travels in a billionth of a second, and told them to keep it in their pocket as a reminder that physics, not laziness, sets the limit.
From below of blue starry sky over radio telescope and trees with leaves
The Big Ear telescope was scanning at 1420.4056 megahertz on the night of 15 August 1977, the exact frequency at which hydrogen atoms vibrate across the universe, because Giuseppe Cocconi and Philip Morrison had argued years earlier that any species trying to be found would broadcast on that channel — and then, for 72 seconds, something did.
An astronaut in a spacesuit ventures across a barren, Mars-like desert landscape.
When Doug Wheelock came home after 163 days in space, he said he had craved the aroma of leaves, grass, flowers, and trees, the rush of Earthiness that reaches astronauts only when the hatch opens back onto the living planet