Giving your phone some additional juice through a public charging station is always a useful choice, but it may not be safe. As shown in a new report issued by NordVPN, electronic criminals can now resort to a trick called Choicejacking, in which they can transfer data from your phone to a disguised device as a charger.
What is Choicejacking?
Through this new method, a harmful device that resembles a innocent or executing charging station treats different functions on your phone. When doing this, your phone is deceived by connecting to the device by placing data transfer without entering or permission. Once this connection is made, the criminal device can access your photos, documents, contacts, and other personal files.
also: 7 ways to lock your phone’s safety – it is too late
“The choice is especially dangerous because it manipulates a device to make decisions that users have never intended – all of this without their awareness,” Adrianus Warmenhoven, NordVPN, said in the report. “Whether it gives access to data or downloading harmful programs, these attacks take advantage of the confidence that we put in daily interactions with our smartphones.”
Advanced promotion to Juicejacking
Choicejacking is a more advanced upgrade to the old practice of Juicejacking. With Juicejacking, infiltrators install programs on shipping stations at airports and other public sites that then can automatically from data from your connected phone. In some cases, your phone may close, and prevent you from stopping transportation before it is too late.
also: Travel this summer? Consider this before using Wi-Fi Airport and shipping ports
Juicejacking appeared for the first time in 2011. But in winning the good men, the moving OS developers printed a way to stop this threat. Let’s say that the smartphone is connected to a charging station. If the station indicates that it supports the media transmission protocol (MTP) or photo transfer protocol (PTP) to transfer data, this means that the infiltrator device is likely to imitate a charging personality. In this case, the user is asked if they want to allow data transfer or just charge the phone.
But in the latest developments, researchers from Graz University of Technology found in Austria A way to overcome protection at the OS level against Juicejacking. Warning devices can now impersonate USB or Bluetooth input devices to enable data transfer mode. When affecting Android devices and sometimes iOS, this tactic can use technical methods such as key pressure injection, temporary stored input flood, and misuse of the protocol to complete the transfer of data in less than 133 mm.
also: The best energy banks that you can buy in 2025: Experts have been tested and reviewed
“Choicejacking is a serious development in public charging threats,” Warmenhoven added. “With a single deceptive claim, attackers can deceive people to enable data transfer, and possibly expose personal files and other sensitive data. Public USB ports should never be treated as safe, and awareness is the first line of defense.”
How to prevent your phone from choosing
NordVPN provides the following tips:
- Make sure to update your phone with the latest version of the operating system and safety corrections.
- Preventing your phone battery from lower 10 % decrease to avoid re -charging it in a public place.
- Instead of using the public charging port, carry the bank of a portable energy or an external battery for your phone juice.
- Instead of using USB ports on public charging stations in hotels and airports, hold your USB adapter and cable and use a standard AC port.
- If possible, keep it in “Charg Only” mode to avoid any unwanted data transfers.
also: Every iPhone owner must use Magsafe – I can’t live without these favorite accessories 7
Get the best stories in the morning in your inbox every day with Technology newsletter today.
