Juice Jacking, the hidden cyberattack on public chargers — what it is, how it works and how to prevent it
Joel Basanta
“Juice jacking” is one of the fastest growing cybersecurity threats in 2025, especially as a result of the rise of public USB chargers in airports, stations, shopping malls and coffee shops. This cyberattack endangers our personal data and the integrity of our mobile devices every time we look for “a quick plug”, turning a daily action into a potential gateway for digital criminals.
What is juice jacking and how does this cyberattack work?
Juice jacking occurs when criminals manipulate public charging stations—especially USB ports—to install malware or extract personal information from connected devices.
USB ports have the dual function of charging energy and transferring data; the latter is the one that cybercriminals exploit, using modified cables or altered stations to extract passwords, photos, banking information or even install Trojans and ransomware.
Once you connect your mobile phone, they can steal your data instantly and, sometimes, leave software that continues to send information even after disconnecting it. There are variants, such as advanced “juice jacking”, where the malware remains active for weeks or months.
Where is juice jacking most common?
The most vulnerable places are airports, public transport, shopping malls, hotels and anywhere with public USB charging stations.
Cybercriminals can also use manipulated wireless chargers or even purposely abandoned USB cables to infect unsuspecting victims.
Consequences of a juice jacking attack
Instant theft of personal information and credentials.
Installation of persistent malware, spyware and trojans on the device.
Risk of bank fraud, impersonation or corporate espionage
Total loss of control over the mobile phone in the most serious cases.
Prevention: How to protect your devices against juice jacking
Always use your original charger and cable and connect them directly to the power outlet, never to public USB stations.
Avoid unknown cables or found in public places, even if they are “sealed”.
Use a USB data blocker, a cheap device that cuts off data transfer and only allows energy charging.
Activate safe charging mode on your device, to block data transfer when an unknown connection is detected.
It has an external battery (power bank) own to avoid the need for public stations.
Keep your mobile software and applications up to date and activates data encryption, to make it difficult to extract if the device is compromised.
Don't use suspicious charging stations or cables of questionable origin. If the system asks if you trust the device, never accept in public places.
Remember: If you suspect an infection, perform an immediate scan and restore the device.
🛡️ Request your free consultation with Apolo Cybersecurity and avoid the risks of juice jacking attacks
Juice jacking is a real and growing threat that jeopardizes the security of any user who uses public USB chargers. Awareness, responsible use and technological prevention are the best weapons to avoid turning a simple recharge into digital theft.
Do you want to know how to protect your company's digital mobility or better protect your employees?
%402x.svg){kind=icon}
