FBI warning: Avoid public charging stations at airports and malls

Shawn Knight

Shawn Knight

Posts: 15,291   +192
Staff member
In brief: While it may be tempting to top off your phone at one of those free charging stations found in airports or shopping centers, the Federal Bureau of Investigation (FBI) advises against it. In a recent PSA, the agency's Denver branch notes that bad actors have figured out how to use public USB ports to load malware and other types of monitoring software onto connected mobile devices. It may be more of a hassle but the FBI recommends carrying your own charger and USB cable and using a standard electrical outlet if you need a refill.

Juice-jacking warnings have been around for years although not everyone is convinced that the threat is serious or even actionable.

In 2021, the Federal Communications Commission (FCC) issued a similar warning on the dangers of using public charging stations. Dirty USB ports can load software that can lock a device or steal passwords and other sensitive information while running in the background. In some instances, a hacker may even leave a compromised cable plugged into a power station in hopes of it being used by an unsuspecting victim.

In actuality, this and other potential attack vectors all boil down to what level of paranoia you subscribe to and how far down the rabbit hole you want to go.

Is an attack like the one the FBI warned against plausible? Sure. But even if you use your own charger, can you be certain that nobody has tampered with it or your charging cable? Did it come directly from your phone manufacturer or was it purchased from a third party accessory maker? What about public Wi-Fi hotspots, how secure do you believe those are? And what about all the apps you have downloaded and the sites you visit?

The reality is that smartphones are susceptible to all sorts of attached and wireless attacks, many of which the general public probably have not even considered. It comes down to risk versus reward, convenience versus privacy.

Image credit: InBox Dicas

Permalink to story.

https://www.techspot.com/news/98260-fbi-warning-avoid-public-charging-stations-airports-malls.html

 
Now that fast-charge fragmentation is real I guess people tend to carry their chargers around. 5V 2.4A isn't going to cut it especially in a public place. some places offers PD charger because that's what iphones and samsung support.

if you have chinese phones such as oneplus, oppo, vivo, huawei they have their own protocol and you know for sure there's no way a public place offers VOOC or SCP fast charge. well maybe if you're in china but otherwise tough luck.

Is an attack like the one the FBI warned against plausible? Sure. But even if you use your own charger, can you be certain that nobody has tampered with it or your charging cable? Did it come directly from your phone manufacturer or was it purchased from a third party accessory maker? What about public Wi-Fi hotspots, how secure do you believe those are?
Click to expand...

unless you're a diplomat or wealthy businessman there's absolutely no reason to be afraid that someone will swap your cable. even better if you're using a third party cable. I buy packs of third party cable of different colors and if someone is spying on me they better clone each color in exactly the same shade otherwise I'd notice it.

public wifi is the worst. the worst of the worst is the open one. once I stayed in a hotel in amsterdam with open wifi network. it was a 4-star hotel so I didn't think much of it. slept overnight the phone loses 30% of charge not doing anything. second night put the wifi off and my phone only loses 4% of charge as it should. something is definitely going on. also some of the smart TV control appears on my phone, so I could literally mess up someones' TV without them knowing. seriously the IT guy in this big hotel needs to be fired. or who knows maybe he's the one snooping around.
 
  • Like
Reactions: mbrowne5061, Avro Arrow and DSirius
nismo91 said:
Now that fast-charge fragmentation is real I guess people tend to carry their chargers around. 5V 2.4A isn't going to cut it especially in a public place. some places offers PD charger because that's what iphones and samsung support.

if you have chinese phones such as oneplus, oppo, vivo, huawei they have their own protocol and you know for sure there's no way a public place offers VOOC or SCP fast charge. well maybe if you're in china but otherwise tough luck.



unless you're a diplomat or wealthy businessman there's absolutely no reason to be afraid that someone will swap your cable. even better if you're using a third party cable. I buy packs of third party cable of different colors and if someone is spying on me they better clone each color in exactly the same shade otherwise I'd notice it.

public wifi is the worst. the worst of the worst is the open one. once I stayed in a hotel in amsterdam with open wifi network. it was a 4-star hotel so I didn't think much of it. slept overnight the phone loses 30% of charge not doing anything. second night put the wifi off and my phone only loses 4% of charge as it should. something is definitely going on. also some of the smart TV control appears on my phone, so I could literally mess up someones' TV without them knowing. seriously the IT guy in this big hotel needs to be fired. or who knows maybe he's the one snooping around.
Click to expand...
Don't buy anything that doesn't support USB Power Delivery, it's really that simple. Even the iPhone with its stupid Lightning connector's been supporting it since the iPhone 8.

This is the way to move forward. These random Chinese vendors can take their proprietary cr@p up their @sses, seriously. I don't want or need 200W charging on my friggin' phone. At all. If someone doesn't have the brains to realize in time to charge their stuff, then apply for adult care or something.
 
  • Like
Reactions: m3tavision
Use a power bank. Problem solved. Only charge your phone with the power bank, and you can charge the power bank from any filthy filthy USB hole you find.
 
  • Like
Reactions: Avro Arrow
It would be a more interesting article if it explained how a USB cable can download unwanted software. It would be a really useful article if it explained how to turn this "feature" off. As it is, I think I've read the same article many times before in the past.
 
  • Like
Reactions: Superconductor and Avro Arrow
nismo91 said:
Now that fast-charge fragmentation is real I guess people tend to carry their chargers around. 5V 2.4A isn't going to cut it especially in a public place. some places offers PD charger because that's what iphones and samsung support.

if you have chinese phones such as oneplus, oppo, vivo, huawei they have their own protocol and you know for sure there's no way a public place offers VOOC or SCP fast charge. well maybe if you're in china but otherwise tough luck.



unless you're a diplomat or wealthy businessman there's absolutely no reason to be afraid that someone will swap your cable. even better if you're using a third party cable. I buy packs of third party cable of different colors and if someone is spying on me they better clone each color in exactly the same shade otherwise I'd notice it.

public wifi is the worst. the worst of the worst is the open one. once I stayed in a hotel in amsterdam with open wifi network. it was a 4-star hotel so I didn't think much of it. slept overnight the phone loses 30% of charge not doing anything. second night put the wifi off and my phone only loses 4% of charge as it should. something is definitely going on. also some of the smart TV control appears on my phone, so I could literally mess up someones' TV without them knowing. seriously the IT guy in this big hotel needs to be fired. or who knows maybe he's the one snooping around.
Click to expand...


Because of Wifi protocol another device can speak to any other as many times as they want - apparently you could run a wifi camera on a battery down quite quickly using this trick- probably another way to trigger people to charge a phone on a dodgy USB

If you have good phone data - turn off your wifi and BT I say
 
nismo91 said:
public wifi is the worst. the worst of the worst is the open one. once I stayed in a hotel in amsterdam with open wifi network. it was a 4-star hotel so I didn't think much of it. slept overnight the phone loses 30% of charge not doing anything. second night put the wifi off and my phone only loses 4% of charge as it should. something is definitely going on. also some of the smart TV control appears on my phone, so I could literally mess up someones' TV without them knowing. seriously the IT guy in this big hotel needs to be fired. or who knows maybe he's the one snooping around.
Click to expand...


We're way long past that era where your internet browser or phone used to connect over "insecure" http. Today it's pure encrypted going over the line, so even with a open wireless (everything below Wifi 6 is unsafe anyway) it's kind of impossible to penetrate unless your device is using a leak IOS and never has bin updated.

Lets say I use windows explorer, to access FTP servers with. My user/pass combo would go right over the line unencrypted in a form like ftp://user:pass@someserverhost.com/ and end up in logs. Also mail going unencrypted is likely to get caught if you have'nt setup SSL in the first place.

Open wireless is OK if you know what your doing with it.
 
This is just common sense...!

If you are "TRAVELING" then you have a traveling charger. New-gen chargers are super small & powerful, 15m at an outlet and you just gained +20% battery life (40m to charge to 90%).

Never plug into another's cable, evAr..!
 
azicat said:
Use a power bank. Problem solved. Only charge your phone with the power bank, and you can charge the power bank from any filthy filthy USB hole you find.
Click to expand...
That's the answer right there! I have two power banks and they're useful as hell. Now, it seems that they're even more useful than before. You can't infect a power bank with malware because it doesn't have data transfer.
 
nismo91 said:
Now that fast-charge fragmentation is real I guess people tend to carry their chargers around. 5V 2.4A isn't going to cut it especially in a public place. some places offers PD charger because that's what iphones and samsung support.

if you have chinese phones such as oneplus, oppo, vivo, huawei they have their own protocol and you know for sure there's no way a public place offers VOOC or SCP fast charge. well maybe if you're in china but otherwise tough luck.



unless you're a diplomat or wealthy businessman there's absolutely no reason to be afraid that someone will swap your cable. even better if you're using a third party cable. I buy packs of third party cable of different colors and if someone is spying on me they better clone each color in exactly the same shade otherwise I'd notice it.

public wifi is the worst. the worst of the worst is the open one. once I stayed in a hotel in amsterdam with open wifi network. it was a 4-star hotel so I didn't think much of it. slept overnight the phone loses 30% of charge not doing anything. second night put the wifi off and my phone only loses 4% of charge as it should. something is definitely going on. also some of the smart TV control appears on my phone, so I could literally mess up someones' TV without them knowing. seriously the IT guy in this big hotel needs to be fired. or who knows maybe he's the one snooping around.
Click to expand...

Dont need to swap the cable. The charge port itself can be trojanized in the exact same way. badbios hacks are legit since Equation got dumped.
 
I guess the phrase better late than never applies here.

At the Pittsburgh International Airport, there are some signs at the public USB charging stations that say:
"Bug Plugs".
 
Then why even have charging stations around?

just have basic wall outlets that someone can plug their own charger into, no smart nonsense. its almost comical how much crap one person totes with them in an airport, you're flying from NC to DC dude, not HALO dropping into the middle of mongolia, do you really need 2 water bottles, battery packs, a weeks worth of snacks, clothes and a pillow in that ridiculous backpack?

and if you cant put your phone in a pocket for the little time your in a mall.....you need help.
 
mbk34 said:
It would be a more interesting article if it explained how a USB cable can download unwanted software. It would be a really useful article if it explained how to turn this "feature" off. As it is, I think I've read the same article many times before in the past.
Click to expand...
Agree. Can you turn this "feature" off by turning you phone off before charging it?
(I know, 'nothing' is really off when it's turned off these days....)
 
ChrisH1 said:
If you can, get and use a charge-only cable for use in such cases, current only, no data wires.
Click to expand...
Yes - this is a simple solution that doesn't forego using those outlets. I have such a cable but wouldn't have thought of taking it with me except for this article.
 
You must log in or register to reply here.

Similar threads

Cal Jeffrey
Take those iOS 17 NameDrop warnings with a grain of salt
Replies
2
Views
250
PEnnn
PEnnn
midian182
  • Locked
Microsoft issues warning on China's use of generative AI to disrupt US elections
2
Replies
41
Views
513
GodisanAtheist
GodisanAtheist
Daniel Sims
Windows 11 now supports USB4 at 80Gbps, also known as USB4 2.0
Replies
17
Views
375
Calsun
C

Latest posts

Back