The FBI is warning airline passengers to avoid using free USB charging points in airports because they could be loaded with spy malware that will infect phones and other electronic gadgets and steal your personal data, including passwords and other sensitive data.
Cyber security experts have coined the term ‘juice jacking’ for this type of crime, leading the Federal Communications Commission to issue several warnings about the threat in recent years.
The FBI and the FCC warn that any public USB charging station, including in hotel lobbies and airports, could be vulnerable to Juice Jacking, although both agencies aren’t actually aware of any specific instances of this type of crime actually taking place in real life.
So, how concerned should you be about Juice Jacking? Given the fact that there haven’t been any confirmed cases in the United States, the risk is pretty low, although that doesn’t mean you are completely safe.
Earlier this week, the FBI’s Baltimore field office even posted about the threat on its official X account, urging passengers to avoid using free USB charging points… not only in airports but anywhere where the public have free access.
The FCC fears that malware-infected phones could be remotely locked and then personal data stolen and sol on to bad actors.
So concerned is the FCC about the threat that they encourage passengers to avoid free USB charging points altogether and instead use an AC power outlet or battery pack if you need some extra charge during your travels.
If you really need to use a USB outlet, the FCC suggests investing in a charging-only cable, which prevents data from sending or receiving while charging. If you do go for this option, however, the FCC suggests purchasing from a trusted supplier.
The Juice Jacking threat has been around since 2011, although, in recent years, big tech companies like Apple and Samsung have taken steps to make their devices less vulnerable to the risk of malware infection.
When you plug your device into a USB point you may often be presented with a prompt asking if you want to “share data” or “trust this computer” or “charge only.” You should select “charge only” to help keep your personal data safe.
Oh Geez… not this again. As you mentioned, there has not been one incident EVER in the U.S. Is it possible? Yes. Is it likely? No. You are more at risk of getting hit by lightening than to get “juice jacked”
Not once incident REPORTED. FTFY
They never explained the DETAILS of how plugging your phone into that public port allow the malware to get into your phone when there’s just power coming out of that port. The message they talked about asking if you want to allow data transfer only occurs when you’re plugging into a laptop USB port because that’s a device that can transfer data to your phone but a public charging port is not a device that has data to be transferred into your phone…. That’s the part they never explained. So without using a USB port on an intelligent device, there’s no way JUICE JACKING can occur. JUICE JACKING WOULD REQUIRE THE USB PORT YOUR PLUGGING INTO TO BE AN INTELLIGENT DEVICE ITSELF. SO EVEN IF YOU HAVE PRE-EXISTING MALWARE ON YOUR PHONE , ITS NOT BEING CAUSED BY THE USB PORT YOU’RE PLUGGING INTO AT AIR PORT.
Simply use a charging cable rather than a data cable. The charging cable only contains the power wires and can not transfer data. If the FCC is truly concerned, they could require all charging ports in airports to contain only power connectors making this issue obsolete.