Travelers in Los Angeles have been urged by officials not to use public USB charging points for fear they might infect their devices with malware.
LA County district attorney, Jackie Lacey, posted an official fraud alert warning of USB charging scams, also known as “juice jacking.”
“Travelers should avoid using public USB power charging stations in airports, hotels and other locations because they may contain dangerous malware,” it read.
“In the USB charger scam, often called ‘juice jacking,’ criminals load malware onto charging stations or cables they leave plugged in at the stations so they may infect the phones and other electronic devices of unsuspecting users. The malware may lock the device or export data and passwords directly to the scammer.”
The DA’s office urged travelers instead to use AC power outlets and car chargers to charge their devices, and to consider buying portable chargers.
It also urged anyone suspecting they’ve been caught out by this kind of attack to contact their local police.
Juice jacking is nothing new — in fact, attendees at security conference Black Hat all the way back in 2011 were warned about the dangers of plugging their devices into public charging kiosks.
However, the public announcement in LA is illustrative of the elevated threat level today: presumably hackers are stepping up these attacks to capitalize on the sheer number of smartphone and tablet users in need of extra power on the go these days.
It’s one more thing to add to corporate security policies, which should also prohibit employee use of public Wi-Fi if they are logging on to work accounts, unless using a VPN to do so.
Even office rental company WeWork’s Wi-Fi security was recently called out for potentially exposing its customers.
Source: Infosecurity Magazine