Southern California officials have issued an announcement declaring that public smartphone charging mounts are not safe, foreign media reported. The agency believes a convenient USB charging interface can infect households with malware. However, there are currently no instances to point to where this happens. On Friday, the Los Angeles district attorney’s office warned travelers not to use public USB charging mounts because the devices could be infected with malware that could steal data or lock phones.
“In USB charger fraud (often referred to as “juice-jacking”) criminals load malware onto the charging stand, potentially infecting unsuspecting users’ mobile phones and other electronic devices. Malware can lock devices or export data and passwords directly to fraudsters. “
The Los Angeles district attorney’s office acknowledged that it had not encountered any instances of infecting someone’s device through a Los Angeles charging stand. It told TechCrunch that there were a number of cases on the East Coast of the United States, but could not provide any verifiable details, such as location or date.
In addition, security researcher Kevin Beaumont said in a tweet that he had never seen evidence that malware was used in public smartphone charging mounts.
This is not to say that this is not the possibility. Several researchers have developed and demonstrated modified or cloned chargers and charging cables that can remotely “sniff” data or execute commands on devices, but these are just proof-of-concept projects.
It is not the first time that U.S. authorities have issued a consultation on similar grounds. Back in 2016, the FBI issued a warning after security researcher Samy Kamkar demonstrated his Key Sweeper proof-of-concept. It’s an Arduino board, small enough to fit into a USB charger’s enclosure that secretly records tapping data from a nearby Microsoft wireless keyboard.