The airport, the bar, the library—all places where your hard-working smartphone might need a little pick-me-up, and all places where free, public phone charging stations have been cropping up over the last few years. But according to a warning from the U.S. Federal Bureau of Investigation, you might be better off letting your constant companion run down to zero.
A tweet from the FBI’s Denver field office (via CNBC) warns that “bad actors” have been infiltrating public recharging stations in order to load up spyware and malware on smartphones through the USB port. For hackers, getting instant physical, wired access to a device is basically the Holy Grail of information security…and the defeat thereof. It’s a technique informally known as “juice jacking,” something the FBI’s central website and various field offices have been warning about for a couple of years.
Smartphones with the latest security updates and default levels of access (for example, disabling USB debugging on Android) probably don’t have much to worry about, even if a public charging access point is compromised. But there’s always the chance of an undisclosed zero-day vulnerability or an error in the latest update. The danger is especially potent for users whose phones are outside the update window for Apple, Google, or other manufacturers.
A safer option is to charge up a USB battery or power bank at home and bring it with you. ■