Hack via USB / Juicejacking and how to protect your mobile device from it.
The USB port, the Universal Serial Bus, is designed to be able to transfer power on the one hand and data on the other. This is precisely its universality and its great advantage. In this article, however, we would like to draw attention to the other side of the coin, and how the danger of data theft and infection of mobile devices via USB can be countered.
What danger does the term Juicejacking refer to?
The danger of “catching” malware, e.g. a Trojan, with an infected USB stick is well known. However, what many users are not aware of at first is that mobile device charging cables also pose a risk. The criminal phenomenon is called Juicejacking.
The term first appeared officially in the USA in 2011. Brian Krebs, a well-known specialist in Internet and computer security, especially in the United States, coined the word when he first reported on it (below is a little historical digression – if you’re interested).
Juice translates to “juice” or “electricity,” jacking means “robbery” or “hijacking,” as in hijacking. Juicejacking thus means the hijacking of data on the one hand and is also used for compromising third-party devices in order to harm them and their users on the other.
The basis is that an unlocked cell phone can be read out almost completely, depending on the security settings. However, since many users are not aware of this danger and thus do not pay attention to it in their own security settings, they open up the danger of hacking their hardware as soon as they enter an “unprotected” connection between their mobile device and foreign connections.
What is Juicejacking exactly?
Simply put, Juicejacking exploits a security vulnerability. It is the most innovative and advanced method of hacking mobile devices. This security vulnerability arises as soon as a mobile device, e.g., a smartphone, is supplied with power via a USB port and is connected to a third-party device, or is connected to a third-party device via USB. Examples of third-party devices are charging stations or points in publicly accessible places, e.g., in cafés, exhibition halls, shopping malls, hotels, airports, or train stations.
Comparable to manipulated ATMs, which have an attachment to store pin codes, charging stations can also be manipulated. This is referred to as compromised USB charging points. The computer inside the charging station may be infected with malicious programs to either pull (= copy) data from the device, or also to smuggle malware onto the connected device. Depending on the amount of data and the duration of the unprotected connection, the content of the entire mobile device can be copied and passed into unauthorized hands.
Malicious or malware infections can consist, for example, of malicious code, Trojans, spyware or keyloggers, which, among other things, can also enable complete control over the attacked system. Another form of USB port hacking is that the malicious code installed on the victim’s single device is programmed to harm all future USB charging points / ports it comes into contact with. This allows the hacker to penetrate multiple systems.
Stealing data is the real juicejacking. Both criminal operations – infecting with malware as well as copying other people’s data – are usually not detected at all or too late, and the doors are opened for further criminal actions (e.g. blackmailing the victim, online purchases in the victim’s name and at the victim’s expense, etc.).
Background on the technique: Why does this type of hacking work?
The USB port enables the transmission of power, i.e. voltage, and also of data. This makes it an extremely universal connector. In a broader sense, a smartphone is a data carrier with many practical functions. Via USB it is supplied with power, and via USB it can receive data and pass on data.
The sticking point now is that charging and data streams cannot be strictly separated. As soon as a smartphone or other mobile device is connected to a power source (PC, charging station, etc.) via USB, data can also be transferred at the same time, in both directions. Simultaneous data transfer allows even higher currents than 100 mA, so it can be charged faster than if only voltage is provided. Basically, there is a risk of hacking as soon as a mobile device is connected to a PC, notebook or public charging station via the USB port.
What can provide protection – how to safely charge your mobile device on the go?
Complete security exists when the mobile device is via the supplied power supply unit is connected and charged, i.e. when the power adapter is connected directly to a pure power source (but beware: as soon as, for example, the power adapter is disconnected from the USB cable, and the USB to USB plug (or Lightning to USB plug) cable is connected to a foreign USB socket, the risk is present again).
Secondly, pure charging cables can be used that do not allow data transmissiong because they do not have any lines for this purpose (e. g. B. from Delock, see below). Powerbanks are just as useful. These can be charged safely on third-party PCs or power supplies. To charge your own mobile device via your own powerbank, there is then no longer a connection to the external PC or power supply.
Equally secure protection is provided by a data blocker, also known as a “USB condom”. This particular type of adapters have a USB socket on one side and a plug on the other. If the adapter is then attached between the (third-party) charging cable and the user’s own smartphone – i.e. “interposed” – then data transfer is blocked. Only the power is still being fed into the mobile device, as only the contacts for the power supply are connected, and not the data lines.
Small digression: points on the history and relevance of Juicejacking
As mentioned above, the term was coined by Brian Krebs in 2011. Krebs is still active as an Internet and computer security consultant. He had already begun his intensive study of the subject in 2001, when his home network had become the successful target of a hacker attack.
Krebs explained that it is entirely possible for attackers to set up a fake public charging station and hide a small computer inside. Then, when a smartphone or tablet is connected with a normal USB cable, the hidden computer can inject malicious code or steal sensitive information such as the contact list, emails or other data stored on the device.
During the DEFCON 2011 hacker event, stations were set up by the Wall of Sheep company for “free recharging”. When using it, the visitor saw the message, “You should not trust public charging stations with their devices.” The goal was to make visitors aware of the danger. In 2012, security researcher Kyle Osborn published a programming framework for connecting an attacking device to a victim device. This allowed the attacked device to be unlocked to gain access to data and perform further manipulations.
Subsequently, more malware was developed for research purposes, both for Android and iOS. Apple and Android developers responded by developing security measures to minimize attack points. However, the security hole “USB port” still could not be closed completely!
Here in Germany, there may not be as many public charging stations compared to the U.S. and other countries. When traveling on business or vacation, however, and also widely in cafés, train stations or public transportation, one will most likely be confronted with the situation sooner or later: The mobile device needs “juice”, but the own charging cable including power adapter is not at hand or cannot be used, e.g. because no pure power sources are available.
Source – Tragant
Find out exciting news and more about our products every week at varia.org/blog !