Expats and tourists find public USB chargers to charge smartphones and other devices useful but charging stations may infect gadgets with malware.
Public authorities providing charging stations are concerned that security developers and cybercriminals have worked out how to deliver malicious software over USB connections.
Although users believe they are merely charging their devices, in many instances, they are downloading malware as well – especially to gadgets running Apple’s iOS operating system.
The current warning comes from the District Attorney in Los Angeles.
USB Charger Scam
“Travelers should avoid using public USB power charging stations in airports, hotels and other locations because they may contain dangerous malware.,” said the DA Jackie Lacey.
“In the USB Charger Scam, often called “juice jacking,” criminals load malware onto charging stations or cables they leave plugged in at the stations so they may infect the phones and other electronic devices of unsuspecting users.
“The malware may lock the device or export data and passwords directly to the scammer.”
Juice jacking is a cyber-attack involving a charging port that doubles as a data connection over USB.
This often involves either installing malware or copying sensitive data from a smartphone, tablet, or other computer device.
Don’t plug into charging stations
Lacey recommends not using USB charging stations at all – plug into a power outlet elsewhere instead.
She also suggests buying a portable charger for emergencies and using powerpacks and car chargers for devices when travelling.
Gadget users are also warned innocent looking USB cables can also be loaded with malicious applications that download automatically when a connection is made to an unwary users device.
However, when asked the district attorney’s office admitted they had no active juice jacking cases, although they knew of incidents elsewhere in the United States.
Several security companies have revealed proof of concept that show juice jacking is possible.