A sophisticated new cyberattack, dubbed “Choicejacking,” is raising alarms among cybersecurity experts, threatening to compromise sensitive data on smartphones through seemingly innocuous public charging stations. Unlike previous “juice jacking” threats, this novel technique bypasses existing safeguards on both Android and iOS devices, highlighting a critical vulnerability in how we power our mobile lives.
Researchers at Austria’s Graz University of Technology have demonstrated how malicious chargers can exploit communication protocols to simulate user input, tricking devices into granting data transfer permissions without the owner’s explicit consent. This allows attackers to gain unauthorized access to photos, documents, app data, and in some cases, even extract files from locked devices.
The insidious nature of Choicejacking lies in its ability to manipulate the very prompts designed to protect users. When a device is plugged into a malicious charger, it can send a series of rapid, automated commands that effectively “click” through the on-screen warnings asking for data transfer permission. This process can happen in milliseconds, faster than a human can perceive, making the attack virtually undetectable to the unsuspecting user.
Previous juice jacking attacks primarily relied on installing malware or directly siphoning data from vulnerable ports. However, smartphone manufacturers responded by implementing prompts that require user interaction before a data connection is established. Choicejacking, however, circumvents these by creating simulated input events, making the device “choose” to enable data transfer.
The implications are far-reaching. Public charging stations in airports, cafes, and other high-traffic areas, once viewed as convenient amenities, are now potential vectors for data theft. Cybercriminals could strategically deploy these modified chargers, turning everyday charging into a significant security risk.
While both Apple and Google have acknowledged these findings and are reportedly working on mitigations in upcoming OS updates (such as iOS/iPadOS 18.4 and Android 15), users are urged to exercise extreme caution. Cybersecurity experts recommend several preventative measures:
- Use your own wall charger and cable: This is the safest option, as it bypasses any potential compromises in public USB ports.
- Carry a portable power bank: A fully charged power bank provides a secure and independent charging solution.
- Utilize a USB data blocker (often called a “USB condom”): These small adapters physically prevent data transfer while still allowing power to flow.
- Be vigilant: If you must use a public charger, pay close attention to your phone’s screen. If any unexpected prompts or actions occur, immediately disconnect your device.
- Keep your device’s software updated: Regular updates often include crucial security patches that address new vulnerabilities.
As our reliance on mobile devices grows, so too does the sophistication of cyber threats. Choicejacking serves as a stark reminder that even seemingly routine actions like charging a phone require a heightened sense of security awareness.
![Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]](https://sumtrix.com/wp-content/uploads/2025/06/30-12-120x86.jpg "Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]")
