The FBI has issued a warning to consumers, advising them to avoid using public phone charging stations due to the potential threat of exposing their devices to malicious software. The alert, which came via a tweet from the FBI’s Denver branch, highlights concerns that public USB charging stations, commonly found in malls and airports, have become avenues for spreading malware and monitoring software. While no specific examples were provided, the FBI’s message is clear: exercise caution.
The agency’s recommended solution is simple: carry your own charger and USB cord, and opt for using an electrical outlet instead. Although public charging stations are convenient, especially when devices are running low on battery, security experts have been sounding the alarm for years about the associated risks. In 2011, the term “juice jacking” was coined to describe this issue.
Drew Paik, formerly of security firm Authentic8, explained the problem succinctly: “Just by plugging your phone into a [compromised] power strip or charger, your device is now infected, and that compromises all your data.” The same cord used for charging your phone also facilitates data transfer between your phone and other devices. For example, when connecting your iPhone to your Mac using the charging cord, you can transfer photos from your phone to your computer.
If a charging port is compromised, it opens the door to potential data breaches. Hackers could gain access to your email, text messages, photos, and contacts, among other sensitive information.
Vikki Migoya, a public affairs officer at the FBI’s Denver branch, clarified that the agency routinely issues reminders and public service announcements in collaboration with partners. The recent warning serves as a general reminder to the American public to stay vigilant, especially while traveling.
The Federal Communications Commission (FCC) has also weighed in on the matter. In a blog post updated on Tuesday, the FCC cautioned that a corrupted charging port could enable malicious actors to lock a device or extract personal data and passwords. The post also highlighted reports of criminals intentionally leaving compromised cables plugged in at charging stations, and even instances of infected cables being distributed as promotional gifts.
In light of these risks, the FBI’s advice to carry your own charging equipment and use trusted electrical outlets is a prudent measure to safeguard your digital security while on the go.