NordVPN Warns of Smartphone Hacking Risks via Public USB Chargers

As the number of travelers is expected to increase during the Chuseok holiday, warnings have emerged about growing risks of smartphone hacking through public USB chargers commonly used at airports, hotels, and other locations.

Global security firm NordVPN warned on the 23rd that “hackers may target smartphones containing sensitive information such as passports, hotel reservations, and airline mileage accounts,” urging caution. Actual investigations confirmed cases where travel-related data, including passport scans, were traded for thousands of dollars on the dark web.

Notably, the “choicejacking” technique, an evolved form of “juice jacking,” is drawing attention. While traditional juice jacking involved implanting malicious programs through chargers, choicejacking can automatically activate data transfer mode without user consent, extracting photos, documents, contacts, etc., in just 133 milliseconds. Experts explain that various attack techniques, including keystroke injection, buffer overflow, and protocol misuse, make detection virtually impossible.

Preventive measures suggested include ▲maintaining the latest security patches for smartphone operating systems and apps ▲minimizing the use of public chargers ▲using personal chargers or power banks ▲and activating charging-only mode. NordVPN also emphasized that theft during travel is severe, stressing the need to promptly process remote lock and reset, account password changes, suspension of telecom services, and police reports within 48 hours if such incidents occur.

Hwang Seong-ho, head of NordVPN’s Korean branch, stated, “Choicejacking is a case where public charging threats have evolved to the next level,” adding, “Public USB ports should not be trusted as safe, and awareness and preparedness for hacking and theft risks are the most crucial lines of defense.”