Many individuals frequently go to coffee shops, stores, and other locations with charging ports when their phone’s battery runs low.
Today, however, even seemingly ordinary actions like this can make them fall victim to cyberfraud.
The Reserve Bank of India (RBI) has issued a cautionary message to mobile phone users, advising them against charging their devices via public chargers.
The warning is issued in the wake of rising worries about the security threats presented by the “juice jacking” cyberattack.
Here’s what it is.
What is juice jacking?
The term “juice jacking” was first coined in 2011 by cybersecurity expert Brian Kreb, according to Vox.
It is a type of cyberattack where hackers manipulate public USB charging stations by installing malware on them or altering their hardware, which enables them to steal data from linked devices.
Hackers use this attack, often referred to as port jacking, to obtain sensitive information from the targeted device, including addresses, bank and credit card details, and passwords, explained The Hindu.
Such attacks can take place in a variety of public places, including malls, hotels, cafes, and airports.
The world was first made aware of the threat posed by juice jacking, according to the Security Intelligence website, at the hacking and cybersecurity conference DefCon. Researchers from Aires Security set up a public charging kiosk at the event’s “Wall of Sheep” area as part of an experiment to determine the viability of juice jacking.
The kiosk’s screen claimed to be a free cell phone charging station, but as soon as customers plugged in their phones, it displayed a warning about potential malware payloads from public charging outlets.
Impact Shorts
More ShortsHow does it work?
Malicious charge stations: Scammers install charge stations that seem handy and authentic. Users are unaware that these stations are set up to gather data from devices that are connected, according to Moneycontrol.
Data theft: Malicious software or hardware can begin collecting private information from a connected device as soon as an unwary user connects their device into a hacked charging connection.
Malware injection: In certain scams, the victim’s phone or tablet is compromised by malware that is directly injected into the device while it is charging.
Multi-device attack: Attackers use the linked device to propagate malware to further devices that it might later connect to.
Attack to disable: Juice jacking is a technique used by hackers to lock device owners out of their gadgets, preventing them from accessing them.
How common is it?
Although it’s not the most common attack these days, officials have cautioned against using unreliable free charging stations in public areas.
The Hindu, citing an Ars Technica investigation, said that despite official messages, the majority of cybersecurity experts do not consider juice jacking to be a problem unless users are the target of nation-state hackers, and there are no confirmed examples reported in the wild.
But just because there haven’t been any incidents reported doesn’t mean people can’t be attacked, caution is still advised.
What has the RBI said about the scam?
The RBI underlined how crucial it is to safeguard financial and personal information when utilising mobile devices.
“In today’s digital age, it is crucial for individuals to be vigilant about their cybersecurity. Charging your phone using public ports or conducting financial transactions over public Wi-Fi networks can expose your data to potential threats. It is advisable to use your personal charger and a trusted power source to charge your devices,” RBI said, as per The Hindu Business Line.
Cyberattack risk can also be reduced by utilising a virtual private network (VPN) and making sure that devices have the most recent security patches loaded.
The alert from the RBI serves as a reminder to mobile phone users to exercise caution when it comes to cybersecurity procedures and to take the required safety measures to shield their financial and personal data from potential dangers.
What else can you do?
You can take a few more safety measures to guard against becoming a victim of the juice-jacking scam.
Consider using USB data blockers, also referred to as “USB condoms,” which are tiny adapters that only permit charging while preventing the flow of data, as per Moneycontrol. By doing this, any unauthorised data interchange while charging is prevented.
Your device may unintentionally connect to malicious networks or devices while it looks for a charging source, therefore, turn off the automatic connection feature.
Whenever feasible, stay on reliable and secure WiFi networks.
Avoid using your phone at a public charging station while it’s charging, because this increases the risk of unwanted access.
With inputs from agencies