The Tech Grinch Blog

The Battery Snatcher

Posted by Autodata on Apr 14, 2020 1:38:37 PM

Your phone’s down to 2% … you’re on your way to meet a friend (respecting social-distancing of course) … and you need to use Google Maps to get there but know your battery will die in the process!

It’s happened to me. I once forgot my powerbank and had to dive into a coffee shop for some emergency charge. Plugging into a mains-power wall socket is fine. But sticking your USB cable straight into a public charging port could present a major risk.

By doing so you might be giving a cyber attacker access to everything on your device… yes that’s right, that hacker now has your mum’s phone number!

It’s called “juice jacking” and it involves stealing information from or installing malware onto smartphones or other mobile devices whilst they are plugged into publicly-accessible USB ports 1. The hack involves the cybercriminal loading malware into charging stations or leaving infected cables plugged in. When an unsuspecting individual then uses that USB port or charging wire, it infects their device 2.

The difference from normal mains-power sockets is that USB sockets also transfer data 1, a fact not often realised when you’re in a blind panic to charge your phone.

It only takes 60 seconds for malware to infect your device. Although most smartphones have built-in protection, a determined attacker can bypass these defences 3. The malware usually goes unnoticed, but there are often signs that your phone has been infected:

  • A sudden surge in battery consumption or a rapid loss of charge – this indicates a malicious app may be running in the background 4
  • Data usage above what you would normally use – malware often runs tasks in the background, draining data 5
  • Your device operating at a slow rate or restarting without being prompted – apps may take a while to load or frequently crash 6
  • Excessive overheating – if you haven’t been using your phone it shouldn’t be warm to touch. Phones only get hot when the processors and power are busy for extended periods of time (or you leave them out in the sun!) 7
  • You are unable to switch off your device – if your phone opens different apps and the lighting changes on its own, that is a major sign that someone else has access to your device 8
  • There are noises or echoes during calls – this does occasionally happen but is usually a sign that someone else is listening in on your call 8

Public USB ports are being installed everywhere and proof that the hack is possible is more than enough for cybercriminals to attempt it. Which should give us all food for thought.

TAKE A LOOK AT THIS “USB NINJA” VIDEO presented by world-renowned hacker and Chief Hacking Officer at KnowBe4, Kevin Mitnick.

As Kevin evidences, it only takes plugging your phone into a corrupted power source ONCE for a hacker to steal sensitive data. This hack can occur anywhere with a USB plug power source, such as in the workplace, airport departure lounges, buses, trains, coffee shops, restaurants and hotel foyers.

Whether it’s a business device or personal device, you could be giving easy access to credit card details, business deals and a whole host of other information that could put your business or personal finances in jeopardy. And yet the risk of juice jacking is really down to how you choose to charge your phone. If you don’t use USB charger ports then technically you should be fine.

This brings Tech Grinch onto warning about the dangers of USB functionality as a whole. Many devices are set to automatically swap files with any USB port that they are plugged into, giving life to another type of cyber threat:

Weaponised USBs

A weaponised USB attack involves uploading malware to a USB drive. Once plugged into a device the malware can be used to download information or even infect the entire network 9

The Stuxnet attack in 2010 relied on infected USB flash drives to spread a virus and eventually infect the systems at an Iranian uranium-enrichment plant (the attackers’ intended target), effectively sabotaging Iran’s nuclear efforts 10 11. OK, I know what you’re thinking … that was way back in 2010 – is this really still a major threat? Who would plug a random USB into their computer?

Yet according to Kaspersky Labs, 23 million separate USB attacks affected over 700,000 users in 2018 12. Although a lot of businesses have moved to the cloud, many individuals still prefer using USBs to store and transport files, especially if things are slow to download from the cloud. And if the USB you picked up, or were given by someone at work, looks identical to the one you would usually use then it would be easy to make that fatal mistake.

With the threat of an attack built into how the USB port works…

HOW CAN YOU SAFELY CHARGE YOUR PHONE AND OTHER DEVICES WITHOUT THE RISK OF BEING JUICE-JACKED?

(1) CARRY A PORTABLE CHARGER
If you carry your own portable battery charger it will enable you to charge your phone without the risk of infecting it with malware.

(2) ONLY USE AC POWER OUTLETS
Instead of charging your phone from a USB port alone, use an AC power outlet: it will prevent any data from being transferred to your phone, as AC current doesn’t hold data. Using the plug and the wire together protects your data and is the safest way to charge any device.

(3) USE PROTECTION
A data blocker (often called a “USB condom”!) is a USB adapter that connects to the end of your USB wire and goes into the charger port or laptop you are charging from. The data blocker prevents any data from being transferred between your device and the charging station/computer. This means that even if the charging station you are using contains malware, your phone will be safe from a juice jack.

(4) DON’T USE YOUR PHONE WHILST IT’S CHARGING
Providing your phone is locked whilst it’s charging, it will not automatically allow the transfer of any data. If you unlock your phone whilst on charge, even just to read a notification, you are putting your phone data at risk.

(5) CONDUCT END-USER AWARENESS TRAINING & USB DRIVE TESTS
Understanding where risks lie is often the key to combatting them. If you equip your end users with the knowledge of how to spot attacks and safeguard against them, you are reinforcing your human firewall and giving your business a better chance of preventing an attack.

Conducting a USB drive test will allow you to test your users’ responses to unknown storage devices and will allow you to track how much access your users could potentially be giving a cybercriminal to your company data.
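
One way to track whether unknown storage devices are being plugged into company machines, as an added example that is not part of the original post: the Python script below scans Linux kernel log lines for USB mass-storage devices that are not on an approved list. The log lines, the allowlist and the function name are constructed for illustration.

```python
import re

# Constructed sample of Linux kernel log lines (dmesg style); not from the post.
SAMPLE_LOG = """\
[ 101.10] usb 1-2: new high-speed USB device number 5 using xhci_hcd
[ 101.25] usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
[ 101.26] usb-storage 1-2:1.0: USB Mass Storage device detected
[ 340.02] usb 1-3: new full-speed USB device number 6 using xhci_hcd
[ 340.17] usb 1-3: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
[ 512.40] usb 1-4: new high-speed USB device number 7 using xhci_hcd
[ 512.55] usb 1-4: New USB device found, idVendor=abcd, idProduct=1234, bcdDevice= 1.00
[ 512.56] usb-storage 1-4:1.0: USB Mass Storage device detected
"""

# Hypothetical allowlist of company-issued drives as (vendor id, product id).
APPROVED_STORAGE = {("0781", "5567")}

FOUND = re.compile(
    r"usb (\S+): New USB device found, idVendor=([0-9a-f]{4}), idProduct=([0-9a-f]{4})"
)
STORAGE = re.compile(r"usb-storage (\S+?):\d+\.\d+: USB Mass Storage device detected")


def unapproved_storage(log_text, approved=APPROVED_STORAGE):
    """Return [(port, vendor, product)] for mass-storage devices not on the allowlist."""
    ids_by_port = {}
    findings = []
    for line in log_text.splitlines():
        m = FOUND.search(line)
        if m:
            port, vendor, product = m.groups()
            ids_by_port[port] = (vendor, product)  # latest device seen on this port
            continue
        m = STORAGE.search(line)
        if m:
            port = m.group(1)
            # A storage line with no earlier identification is reported as unknown.
            ids = ids_by_port.get(port, ("unknown", "unknown"))
            if ids not in approved:
                findings.append((port, *ids))
    return findings


if __name__ == "__main__":
    for port, vendor, product in unapproved_storage(SAMPLE_LOG):
        print(f"unapproved USB storage on port {port}: {vendor}:{product}")
```

Devices that enumerate without a mass-storage interface, such as the keyboard-style device on port 1-3 in the sample, are not reported by this check.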

USBs, infected ports and cables are only one way your data can be infiltrated as cyber awareness is much more than physical security. Hackers have an arsenal of attack methods including phishing, SMS/voicemail phishing, social engineering and password management which often rely on HUMAN ERROR to succeed. Only by understanding these threats and reinforcing your human firewall can you combat them.

For a FREE HUMAN RISK ASSESSMENT –  CLICK HERE

Alternatively if you want to find out more about USB Drive Tests and how you can protect against other common cybersecurity attacks, please get in touch.
