I know the feeling: your battery is low, but you have to keep tweeting. You see a USB port or an outlet in public, plug in your device and feel the sweet relief of your phone charging. That comfort could be shattered by an invisible attacker collecting information while your phone is plugged in to a hacked outlet.
“Just by plugging your phone into a [compromised] power strip or charger, your device is now infected, and that compromises all your data,” Drew Paik of security firm Authentic8 explained. Authentic8 makes Silo, a secure browser that anonymizes web activity.
Public charging stations and wi-fi access points are found in places like airports, planes, conference centers and parks, so people can always have access to their phones and data. But connecting your phone to an unknown port has its risks.
The cord you use to charge your phone is also used to send data from your phone to other devices. For instance, when you plug your iPhone into your Mac with the charging cord, you can download photos from your phone to your computer.
If a port is compromised, there’s no limit to what information a hacker could take, Paik explained.
That includes your email, text messages, photos and contacts. It’s called “juice jacking,” a term coined by researchers back in 2011. Last year, the same researchers demonstrated “video jacking,” using hacked ports and your phone’s video display to record everything you type and look at.