Now they even reveal their best tricks: Before Easter, the American FBI warned on Twitter against the use of public smartphone charging stations at airports, hotels or shopping malls. Malicious contemporaries could use the USB connection to install malware or surveillance software on the mobile phone. You should always use only your own cables and chargers. The hint is extremely justified, especially when using an Android smartphone.

Michael Spehr

Editor in the "Technology and Motor" department.

  • Follow I follow

For more than ten years, the infiltration of smartphones with prepared charging cables has been commonplace in the intelligence world. Not only the installation of malware or the spying on the devices is a problem. The operator of a charging station can use the simplest means to record which smartphones with which operating system are connected to his cables. The first indications of this threat came from security researcher Brian Krebs, who described it as "juice jacking" back in 2011.

Numerous security conferences have shown that spying technology actually works. In 2012, Kyle Osborn demonstrated how it is possible to unlock a locked android and extract data from it via USB cable. In 2013, at the Blackhat Security Conference, the Georgia Institute of Technology released a proof-of-concept malware called Mactans: A malicious charger that could infect an iPhone with malware while it was charging. At that time, the software was able to bypass almost all security precautions built into iOS and masquerade itself like a real background process of the operating system.

Google and Apple have since taken intensive precautions to make juice jacking more difficult. It will probably not be possible to stop it completely. Recently, there are prepared charging cables in relevant circles, which contain a mini board with WLAN chip and its own web server. In this way, the infected target device can be spied on by radio even from a great distance. Previously, older variants had used Bluetooth for data transmission, but its range is lower.

If you want to protect yourself, you should only use your own charging cables and charger. Special cables promise that they would only transmit electricity, i.e. the data functions would be cut. A similar approach is taken by so-called USB condoms, which are plugged between the charging cable and the device socket. They, too, are only supposed to pass on the power and block the data lines of the USB cable. However, security researchers have already undermined these two protective mechanisms.