Travellers are being told to be wary when plugging their smartphones and laptops into USB chargers.
On Thursday last week, the official Twitter account of the FBI in Denver posted a warning:
“Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead.”
Considering how common it is to see people crowding around plugs at airports, desperately charging their devices before they embark on a long flight, it’s hardly surprising that the FBI’s warning caught the imagination of many in the media.
But, here’s my question…
Has anyone ever actually had their smartphone “juice-jacked” in the real-world?
Yes, I can imagine that the attack might be theoretically possible, and if you happen to be hanging out with a crowd of penetration testers there’s a chance someone might attempt to fool you into plugging into a malicious USB port that they’ve set up…
…but at a public place? At an airport or shopping centre?
Has the FBI (which kicked off this latest media round of interest in juice-jacking) ever actually seen a real-life instance of someone being maliciously hacked through a USB charger?
Have you, dear reader, ever fallen victim to such an attack? If so, I’d love to hear from you. Leave a message in the comments.
Oh and by the way, the scare stories about juice-jacking are nothing new. Check out this edition of the “Smashing Security” podcast from 2019, for instance, where cybercrime author Geoff White and I discuss whether it’s really as big a deal as some have made out…