If you’ve ever watched your battery dip below 10%, you’ll be all too familiar with the feeling of rising panic. You start scanning the room. Who has a cable? A power bank? Maybe you even spot a built-in charger in an Uber or an airport seat and feel instant relief.
When our phones are dying, we make quick decisions. But should you trust a cable offered by a stranger or a charging port in a public space?
As we’ll soon find out, this one isn’t a clean yes or no. There’s real risk here, but also strong protections already in place. But understanding why this idea exists, what actually happens in a security attack, and where the real dangers lie can help you stay safer without becoming paranoid.
The ‘myth’
The claim is that a charging cable, especially one handed to you by a stranger or in a public spot, can steal your data or give someone access to your device.
You’ll often see vague warnings online about “dangerous cables,” or “public USB hacks,” or “juice jacking”. But not much clarity about how it works or what’s actually at risk. Is the cable a problem? The port you plug into? And is this a widespread, realistic threat?
This is a ‘myth’ that isn’t actually a myth. The threat does exist and attacks like this do happen. But the context, probability and modern safeguards tell a much more balanced story.
What experts say
“Yes, if you use a cable that has been given to you by a stranger, it could be a risk,” Craig Ford, cyber security expert, author and co-founder at Cyber Unicorns, tells me.
He explains that some cables can have a hidden chip embedded in them that allows a malicious actor or hacker to carry out a process called “juice jacking”.
“This essentially allows them to collect, at minimum, any information that is sent over the cable,” Ford tells me. “The worst case is if the actor is sophisticated, which means they could use this cable to gain unauthorized access to your devices.”
Because this isn’t just an issue for your phone. Ford says that the same method can also be used to hack tablets and computers.
TL;DR
Public charging cables can pose a threat, but modern phones also have strong protections. To stay safe, you should:
- use your own cable when possible (or buy a new, unopened one)
- never tap ‘trust’ for an unknown device when prompted
- keep your phone updated with the latest security patches
The modified cables that are capable of doing this are also readily available. “You can buy them online,” Ford says.
All you’d need to do is physically plug the cable into a phone or other device. “Then they could gain access via the setup chip on the cable and they use it to install a remote access tool or remote command tool on the device,” Ford tells me.
So yes, the threat is real. But the story doesn’t end there.
Paul Jones, a security expert and Managing Director at cybersecurity consultancy Exosec Limited, says that the industry has already responded.
“Although a charging cable could be malicious, protections are in place on modern devices to defend against this,” Jones explains. “Modern phones block data transfer by default and have strong controls to prevent attached devices from pushing data onto the phone (e.g. installing malware). So plugging into a USB port isn’t likely to expose your data or result in your device being compromised.”
In other words, it’s possible but the barrier to pull it off successfully is much higher than it used to be. So what’s best practice?
What you should do
Ford’s advice is straightforward: avoid using any charging cable that doesn’t belong to you. “Find somewhere you can buy one yourself,” he says. “One that is still in the packaging and you know exactly where it’s come from.”
If you’re using a public charging station or USB port, even with your own cable, there are added safeguards that can help too.
“Get yourself a USB write blocker. It’s a small added plug that goes onto the end of a USB device before it’s plugged into your device. It stops anything from trying to connect or control your devices,” Ford says.
And keep your behavior cautious while your device is plugged in. “I would also recommend that you don’t carry out any sensitive activities while using these ports, or chargers, just in case they are capturing the data,” Ford says.
Jones stresses that one of the ways tech companies have prevented against these threats is by adding prompts, so watch out for them.
“The main thing to remember is that you should not be selecting ‘Trust This Computer’ when charging,” Jones says. “Also, make sure you keep your device up to date with security patches.”
These two steps seem small but could actually save you from the vast majority of issues. Because modern protections work, but your choices matter too.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Add Comment