Skip to content

FBI and FCC warn about “Juicejacking” – but just how useful is their advice? – Naked Security

not just for data security or electrical safety, but also for your phone’s battery health. If you can’t avoid them, then be aware that you might be exposing your device to a voltage spike, and that you may need to manually approve any attempt to access your data. Juicejacking, then, is a thing, but it’s a thing that you can defend against by taking sensible precautions.

Juicejacking is a cybersecurity jargon term which has been around since 2011, describing a malicious cyberattack technique that uses USB ports to access personal data. The idea is that, when your phone is running low on battery, people often plug their devices into unknown USB ports to get a quick charge, not realizing that malicious actors can load malware onto these ports in order to access their device. The US FCC and the FBI have recently issued warnings about the risks of juicejacking, emphasizing the need to be aware of the potential for data theft.

Fortunately, Apple and Google have since taken measures to protect their users from juicejacking. When connecting an unfamiliar device to a USB port, a “Trust-or-not” popup appears on the phone, and requires users to unlock the phone and approve the connection before any data can be exchanged. However, there is still a risk of voltage spikes that can harm devices, which is why it is always best to use your own charger whenever possible.

It is worth noting that, when plugging an iPhone or Google Pixel into a Mac or Windows laptop, the phones will not connect automatically. The Mac will require the user to agree to trust the computer at the other end, and the Windows laptop will ask to approve the connection every time before files can be viewed. Additionally, both phones will need to be told to switch out of “No data” mode before connecting.

Overall, juicejacking is something that should be taken seriously, but it is not an insurmountable problem. By being aware of the risks and taking sensible precautions, such as avoiding unknown charging connectors or cables and manually approving any attempts to access your data, you can protect yourself from juicejacking.

Leave a Reply

Your email address will not be published. Required fields are marked *