FBI office warns against using public phone charging stations at airports or malls, citing malware risk

The FBI’s Denver office is warning the public against using that public charging stations that you see in the airport or the mall. 

“Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices,” the FBI Denver office tweeted in a general alert. “Carry your own charger and USB cord and use an electrical outlet instead.”

There was no specific incident that caused the public service announcement, FBI Denver told CBS News. Rather, it was meant as a field office warning.

“Juice jacking” — a term coined in 2011 — remains a concern, according to the U.S. government. FCC officials warn malware installed through a corrupted USB port can lock a device or export personal data and passwords directly to a criminal. The sensitive information can then be used to access online accounts or be sold to other bad actors. In some cases, criminals may have intentionally left infected cables plugged in at charging stations. 

“The scary part of juice jacking is that you probably won’t even be able to tell that your phone is infected with malware after plugging it into a compromised USB port,” Matt Swinder, editor-in-chief and founder of TheShortcut.com, told CBS News. 

According to the 2022 USB Threat report by Honeywell Forge, threats designed to propagate over USB or specifically exploit USB for infection rose to 52% over four years. 

“You’re much more likely to have your credit card skimmed than be juice jacked, based on the lack of hard evidence of widespread cases,” Swinder explained. “As rare as juice jacking is right now, the threats of identity theft have migrated from being purely physical to being primarily digital over the last decade.”

While “juice jacking” may be still relatively uncommon, says technology journalist Dan Patterson, it’s also “a fairly easy and low-cost hack — especially in airports and other public locations.” 

He offers simple advice to follow. “Never use a charger that isn’t yours or someone you know,” he said. 

Experts who spoke to CBS News say there’s always the chance of unreported cases since some may not even be aware of the risks. 

“The FBI is going to have access to intelligence and information that the public — even the broader cybersecurity public — will not have access to,” NetRise CEO Thomas Pace told CBS News. 

Their ability to “monitor underground forums, get intelligence from informants and even intelligence from other agencies” provides the FBI with a better understanding into possible threats.

It generally boils down to the age-old tradeoff between usability and security. 

“People want [and] need USB ports in airports and restaurants and just general public spaces, Pace said. “So they are going to continue to exist.”

He compared the charging stations and juice jacking to ATMs and ATM skimmers. 

“Are ATM skimmers a problem? Do they exist?” Pace asked. “The answer to both of those questions is yes. Did we remove all ATMs because of it? No, we did not.”

So what can be done? 

Like the FBI, the FCC recommends that travelers avoid using a public USB charging station and they use a power outlet instead. Travelers should carry a portable charger or external battery. 

Pace recommends visually inspecting the charger prior to plugging in. If it appears to have been tampered with in some way, don’t use it.

He added that people can be careful by using a USB data blocker, a small dongle that adds a layer of protection between a device and the charging point — or as they’re unofficially known, “USB condoms.” He carries one around with him all the time. 

“Pretty much guarantees you are good to go,” he added. 

Related Posts

How to Build a Kegerator

How to Build a Kegerator

How to Build a Kegerator How to Build a Kegerator -Bottles. We home brewers collect them, store them, wash them, and fill them. It takes time and…

Google Cloud Computing

Getting Started With Google Cloud Computing

Google offers several types of cloud computing services. Its cloud platform is built on the same infrastructure as its internal products, such as Gmail, YouTube, and Google…

Software Developer - Graduate Internship at Sophia ERP Limited

Software Developer – Graduate Internship at Sophia ERP Limited

Software Developer – Graduate Internship at Sophia ERP Limited :- Sophia ERP Limited – We are technology experts in: web applications, mobile applications, database management systems, enterprise…

gettyimages 1193598790

Google supporting passkeys for password-free login

Google is now offering users the option of using passkeys instead of passwords to sign in.  Starting Wednesday, account holders can use passkeys to login to their accounts…

0503 cbsm kidssocialmedia killion 1936426 640x360

Senators reintroduce Kids Online Safety Act to help protect kids from harmful online content

Social media has become an important part of the lives of many teenagers, including 14-year-old Jasmine Hernandez. But what started as a means of connection and self-expression…

2023 05 02t092105z 1365970753 rc28q0awktbl rtrmadp 3 tech ai hinton

“Godfather of artificial intelligence” Geoffrey Hinton leaves Google to talk about dangers of AI

The man known as the “godfather of artificial intelligence” quit his job at Google so he could freely speak about the dangers of AI, the New York…

Leave a Reply

Your email address will not be published. Required fields are marked *