Public Charging Stations: The “Juice Jacking” Threat
- SEPTEMBER 15TH, 2025
- 2min read
Public USB charging stations, often found in airports, hotels, or cafes, provide convenience but can also be exploited by cybercriminals. This type of attack, known as juice jacking, involves malicious charging ports or cables that install malware or steal data while a device is charging. In April 2023, the FBI issued a consumer warning about juice jacking, noting an increase in compromised public charging stations being used to harvest sensitive information.
Key Risks
- Malware Installation: Cybercriminals can modify public charging ports or cables to deliver malicious software directly onto your device. Once installed, this malware can be used to monitor activity, steal information, or provide attackers with remote access.
- Data Theft: Public USB ports can be manipulated to silently copy personal or corporate files from a connected device. Sensitive data such as business documents, emails, or photos may be exfiltrated without the user realising it.
- Credential Compromise: Many mobile devices store login credentials, tokens, and authentication data. A compromised charging port could extract this information.
- Privacy Loss: Attackers can harvest device identifiers or metadata while charging. This information can be used to track user behavior and location, reducing personal privacy, particularly while traveling.
Preventive Measures
- Avoid Public USB Charging: Do not connect personal or work devices directly to unknown USB ports in airports, hotels, or cafes.
- Carry Trusted Power Sources: Bring your own charging adapter and connect to a standard electrical outlet instead of a USB port to prevent data risk.
- Use USB Data Blockers: If using a public USB port is unavoidable, employ a data blocker (also called a “USB condom”). These adapters allow charging while physically blocking data pins, preventing information exchange.
- Leverage Portable Power Banks: Carry a fully charged power bank to minimise reliance on public charging stations, especially during travels.
- Raise Awareness: Educate employees and frequent travelers about juice jacking risks and provide them with secure charging accessories as part of corporate security hygiene.
Explore more CIL Advisories
Review Bombing Attacks and Extortion
IntroductionMalicious actors use "review-bombing", a coordinated flood of fake, one-star reviews as an initial step for extortion. This high volume…
NOVEMBER 26TH, 2025
Read More
Synthetic Phishing: AI-Enabled Insider Impersonation
IntroductionThreat actors increasingly use artificial intelligence (AI) to impersonate trusted individuals such as executives, employees, or suppliers within organisations. These…
NOVEMBER 24TH, 2025
Read More
The Silent Security Threat: Data Hoarding
IntroductionThe greatest risk to your organization may be the sheer volume of data we hold, a practice known as Data…
NOVEMBER 19TH, 2025
Read MoreNever miss a CIL Security Advisory
Stay informed with the latest security updates and insights from CIL.
