Attacks & Threats
Juice Jacking
Also known as: Power-port attack
Definition
An attack in which a public or malicious USB charging port is used to install malware or exfiltrate data from a phone that plugs in, by abusing the data lines of the USB cable.
Examples
- A modified airport charging kiosk that installs spyware on an unlocked Android plugged in for a quick top-up.
- A free public power bank with a hidden controller that attempts ADB connection during charging.
Related terms
Mobile Malware
Malicious software that targets smartphones and tablets to steal data, intercept communications, mine cryptocurrency, or perform financial fraud.
Spyware
Malware that secretly collects information about a user, device, or organization and sends it to an external party.
Supply Chain Attack
An attack that compromises a trusted third-party software, hardware, or service provider in order to reach its downstream customers.
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.
Shoulder Surfing
Observing someone's screen, keyboard, or PIN pad over their shoulder — directly or via cameras — to steal credentials, codes, or sensitive information.
Dumpster Diving
Searching through an organisation's or person's discarded materials — paper, removable media, hardware — to recover sensitive information.