FBI Warns You Should Never Recharge Your USB Device At A Public Charging Station
A recent tweet by the FBI Denver field office advised that bad actors (i.e. people with nefarious intentions, not Steven Seagal) have devised a way to hijack public chargers that can infect connected devices with malware or spyware. It's a relatively new technique called "juice jacking" and when infected, the device will expose account login information and other personal data.
Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead. pic.twitter.com/9T62SYen9T
— FBI Denver (@FBIDenver) April 6, 2023
The FBI doesn't explain what exactly criminal hackers are doing to arm public USB ports with malware. Our best guess is instead of being dedicated chargers, the USB ports are tampered with to also push data (containing malware/spyware packets) into an unsuspecting user's phone, tablet, or laptop. To protect yourselves, the FBI says to “carry your own charger and USB cord and use an electrical outlet instead.”
Similar messaging can be found on FBI's info webpage regarding scams and safety, although it does make us wonder if the FBI is seeing an uptick in cases warranting the cautionary tweet. Neither the tweet or the website offers any statistics or specific incidences of juice jacking, however.
In light of this advisory, we'd suggest the following to keep your device safe when charging in public:
- Charge your devices(s) through the AC outlet where possible.
- Use portable powerbanks. These can be topped up either with public USB ports or AC outlets.
- Use data-blocker USB charging cables, which prevent data transfers and are dedicated for charging only.
- When you plug in your device to a public USB port and see a pop-up message requesting to share data, you should immediately unplug. That could mean the port has been compromised.