I was recently a bit annoyed by the constant prompt over my computer screen when I plugged in my iPhone or my iPad which have always been the same, asking if the device could be trust on both sides (phone and computer).
It got me wondering why would Apple implement such an annoying prompt? when before I would never been asked anything, nor have to confirm that it’s my device… I immediately figured it out last night while checking the latest news on krebsonsecurity.
New fear unlocked!
The last few years I learned a lot about skimmers and that I should always check an ATM before inserting my bank card in it, unless I want to end up with fraudulent payments in India two days later and 2 months of chargeback complaint process.
I also, and you may agree too, would never plug-in any unknown USB device I would randomly find into my personal computer, knowing that it would have a great chance to contain a nasty bunch of viruses.
But you may agree, that those shine USB ports in public places like buses, airports, train stations, coffees where you can plug your phone and top up a little bit of battery don’t seem that scary? Well, it is as dangerous in fact to plug your phone there as to insert an unknown USB device. 😱😱😱😱😱😱
And it has a name for it, it’s called JUICE JACKING. The goal of the attack is to either insert malware either copy and steal your data, since our phones are basically our bank now, yes it is scary af.
I remember plugging in my phone in the Flixbus recently and even in the tramway and somehow I wasn’t thinking that it would be threat. For Apple to implement these annoying prompts on their OS, I guess it can be considered as a BIG enough threat…
In fact, according to Wikipedia, Brian Krebs was the first to report on this attack and coin the term “juice jacking.” After seeing the informational cell phone charging kiosk set up in the Wall of Sheep at DefCon 19 in August 2011 !
It looks like only researcher might have used and tries these attacks for the past 12 years, but a recent tweet of the FBI regarded these device tend to make me feel that it might be time to stop using random chargers !
Brian added a note at the end of his article, saying that it would be preferable to turn off your device to charge it if you really need battery.
Leave a Reply