Juice Jacking: USB as an Attack Vector

Juice Jacking: USB as an Attack Vector

By Chuck Danley, LeaderQuest Colorado Springs Instructor

Cyber Security awareness is vital in today’s world. Even the tiniest detail like charging your phone could affect the security of your device. Charging electronic devices in a public place exposes them to a risk that hasn’t gotten much attention – juice jacking.

What is Juice Jacking?

USB cables, regardless of type, all have the common feature that they permit the power supply and data stream simultaneously. Charging stations or kiosks available in public places (e.g. airport, hotel, or mall) also have data connections despite their name. Users don’t always intend to use both capabilities, especially when all they want is a quick boost to the battery. Malicious users will use the data stream to their advantage while the device charges. According to cyber security researchers at a Black Hat and DefCon security conference, it takes less than a minute to gain full access to the electronic device and retrieve photos and contact information. Worse is a persistent attack that injects code directly into the device or that pairs (establishes a trusted relationship) with the device.

Brian Markus, president of Aires Security, said he and fellow researchers Joseph Mlodzianowski and Robert Rowley built a charging kiosk to educate attendees about the potential cyber security perils of juicing up at random power stations. Markus explains the motivation behind the experiment: “We’d been talking about how dangerous these charging stations could be. Most smartphones are configured to just connect and dump off data. Anyone could put a system inside of one of these kiosks that when someone connects their phone can suck down all of the photos and data, or write malware to the device.” Markus continued, “One attendee claimed his phone had USB transfer off and he would be fine. When he plugged in, it instantly went into USB transfer mode. He then sheepishly said, ‘Guess that setting doesn’t work.’”

What Do Juice Jackers Want?

Once injected, the code can perform a number of actions, from transferring data from the device to locking it so that it no longer works at all. Additionally, the code can wait until the device connects to another computer before finally downloading to the desired target. This could be a computer at home or work and can pose a huge cyber security threat to home and work devices alike.

Many electronic devices are configured to dump their data when making a connection with a USB cord. Even if the user attempts to manually disable the USB transfer mode by selecting the charge only option, the device is predisposed to transfer and will try to transfer the data, especially through a trusted relationship. The malicious user can connect to the trusted device through any available connection at any time of their choosing. This trust lasts for the life of the file system of that device. The owner of the device can do a factory reset to remove all existing trusted relationships, but the reset will also delete all other data (contacts) in the process.

Dangers of Charging Through Computer USB Ports

Every connection used on a computer provides a path for someone to exploit. Many users don’t think of their cell phone as being a computer, but that’s exactly what it is. Think before activating any connection on a computer, “How can this connection expose this computer to an attack?” The USB connection is one specific connection that very few people have given much thought to when it comes to cyber security. As mentioned above, not only does the USB provide a path for power, it also provides a path for data. The data path exists even if the intent is only to charge.

While charging in this fashion the phone can communicate through the USB cable and the cellular network simultaneously. There aren’t any tools to protect the cellular network connection from exploit, and malware can hide itself from the network’s tools to prevent data transfer. The exploit could use the phone to transfer data from any connected computer through the cellular connection. This vulnerability extends beyond the host that the cell phone is connected. Most computers have another connection through a switch and/or router which provides a path to attack additional potential targets on the same network.

[inlinetweet prefix=”” tweeter=”LeaderQuest_USA” suffix=””]By plugging in an infected phone, you could infect your entire network at work or at home.[/inlinetweet]

This means that your phone is a great target for hackers to spread their code, whether the malicious code came from your phone or the computer you connected it to.

How to Avoid Juice Jacking

Make sure you plug your phone into a power outlet charger instead! By using the “brick” and USB cord to charge your phone, you avoid any data transfer, and thus you avoid having viruses downloaded from or uploaded to your device. Avoid using 3rd party charging systems (such as those in airports) when possible, as they may have been compromised by hackers.

Ultimately, the best defense against a compromised mobile device or charging system is cyber security awareness. Learn about the possible risks and threats, and take action to minimize exposure to them.

Are you interested in Cyber Security?

LeaderQuest offers cyber security training to help you get the IT and cyber security certifications you need to enter the career of your choice! Our Career Training Consultants are experts on IT certification and can help you choose a training path that will help you get qualified for the job you really want quickly. If you’re interested in getting certified, don’t wait to get in touch!

Contact Us!

About the Author

Chuck Danley is an instructor at LeaderQuest with 30+ years of experience. He has a Masters of Engineering in Aerospace Engineering and a BS in Electrical Engineering. Chuck’s focus is on network and information security, but he has some experience in most aspects of IT from designing a LAN to the configuration of network resources to making prototypes for software acquisition. His primary focus is on ensuring the operation of IT resources in the most secure way possible.