According to a recent warning by the Federal Communications Commission (FCC), cybercriminals have found very inventive ways to drop malware and steal data from victims’ mobile devices. The term “Juice Jacking’ refers to charging kiosks found at travel centers such as airports and bus terminals that have been compromised by attackers. The term was first used by Brian Krebs in 2011 after a proof of concept was successful at DEFCON by Wall of Sheep. They were able to compromise the kiosk to post a message when someone plugged their phone into it. There are two types of Juice Jacking attacks. The first is data theft; it is carried out by installing malware into the kiosk specifically designed to steal user data when the device is plugged in. The second, malware installation, works by dropping malware onto the connected device as soon as the cord is plugged in. This type is capable of stealing data, installing adware, crypto miners, ransomware or trojans at the attacker’s leisure.
By: Dan McNemar It is not a new concept that criminals use the Darknet to