Juice jacking refers to a type of cyberattack where attackers steal private data or install malware on a target device via a public USB charging port.

The attackers can acquire a myriad of sensitive information, including credit card information, passwords, names, and addresses. Moreover, hackers can install malware to show ads, track keystrokes, or add your device to a botnet network.

How to Avoid Juice Jacking?

How Juice Jacking Works

Juice jacking is a man-in-the-middle (MITM) attack in which attackers exploit vulnerable users via USB connections. A USB connector usually has five pins, but only one is used for charging purposes, while two of the five pins are used for data transfer.

Cybercriminals use this architecture to hack into your device purporting to offer free charging services. When your device is connected to a charging port or other devices such as gaming consoles, the attackers install malware and steal your private data.

Types of juice jacking attacks

Juice Jacking History

Juice jacking was first recorded in August 2011 at the DEF CON hacking convention. Guests were given free charging stations, and when they plugged their devices in, an alert popped up warning them to avoid free charging because their devices could be infected with malware.

To curb the threat, Apple and Android updated their software to warn users of new charging ports and allow them to choose whether to trust a charging station. With the update, untrusted charging options only support charging and not data transfers.