Free cell phone battery charging stations located in airports, malls, hotels and public places in the U.S. could be at risk from cyber attacks. Cyber criminals would be able to exploit USB ports to infect users’ devices with malware, particularly spy software. This type of attack is called juice jacking. It consists of an attempt to access the data contained in the smartphone using the USB power (juice) cable (jack) itself as a communication channel. The USB charging port of smartphones and mobile devices in fact often serves as both a charging and data connection port, and can be used to exfiltrate confidential data from internal storage, or install malware. Headlines such as the New York Times have reported how cybercriminals, in order to trap people, even intentionally leave infected cables at charging stations, or even in trains, seemingly abandoned or forgotten: if used, they can carry viruses and malicious programs. Usually when new attack techniques are made known, device manufacturers update their operating systems to prevent the risk.  

Here some tips: 

• Recharge your smartphone using the included cable and power supply, plugged into a regular power outlet.
• Use your own power bank to charge the device.
• If you really can’t help but use a public USB port, turn off the phone before charging it. 

Sources

Italian Tech, Carlo Lavalle, 12 aprile 2023

https://www.repubblica.it/tecnologia/2023/04/12/news/non_usate_quella_porta_lavvertimento_dellfbi_contro_le_postazioni_di_ricarica_negli_aeroporti-395812777/

Cybersecurity360, Gancarlo Degani, 6 dicembre 2019

https://www.cybersecurity360.it/nuove-minacce/juice-jacking-cose-come-funziona-e-come-difendere-gli-smartphone-dagli-attacchi-via-usb/