Details of Juice Jacking and USB Condom

Juice Jacking, the term is currently trending on Google because the said cyber threat is on the rise from the past few months. Technically speaking, Juice Jacking is an exploited USB port that can pass on malware and sniff data from a victimized device.

This usually occurs when innocent device users unaware of the security threat charge their mobile phones in a public charging station, such as transit points like airports, shopping malls, and other points.

Threat actors often load malware or infect a connection cable and leave it at the charging station. And when an innocent user unknowingly uses the infected cable or the USB connector to electrically charge their device, the hacker sniffs all the data that is on the targeted device.

Security experts suggest video arcade consoles and power banks are also being induced with such Juice Jacking exploits these days, especially the ones supplied from China.

How to protect a device from Juice Jacking through a USB Condom?

To protect a device from becoming a target to such cyber threats, USB Condoms have entered the market, long back. They are just simple device connectors that sit between the charging device and the public charging station and protect the device owner from an intruder who can otherwise copy sensitive files, including texts, contacts, files, passwords, photos, and videos. USB Condom works by blocking connections to all the pins except the charging pin.

History of Juice Jacking

In the year 2011, the topic first came into the limelight at the DEF Conference, where a practical demo was conducted to show the seriousness of the issue.

Android and Apple iOS device manufacturers reacted to the severity and came up with an update in the year 2013-2014, where the charging device will ask the user whether the USB source can be trusted or not. And if the device labels the port as an untrusted source, then the phone OS will only allow the charging and will block data transfer.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display