View All Blogs

What Is Juice Jacking?

Cybersecurity

8 min read

Published on July 10, 2023

Written by Aranza Trevino

Edited by Ashley D'Andrea

Reviewed by Darren Guccione

Updated on September 15, 2025.

Juice jacking is a theoretical type of cyber attack where hackers could exploit public USB charging ports or compromised charging cables to gain unauthorized access to your device. Since staying connected has become a necessity, hackers could take advantage of your need to charge on the go by modifying ports or cables to steal your data and install malware. While the Federal Communications Commission is not aware of any confirmed cases of juice jacking, we recommend staying cautious when using public charging stations.

Your phone is at five percent. You spot a free charging station at the airport and plug in. Crisis averted. Right? Not exactly. What if instead of just charging your phone, it was also giving away your personal data? This is called juice jacking, a cyber attack that lets hackers steal your data or install malware just because you needed a charge. Let’s break it down and, more importantly, show you how to protect yourself. Hackers modify USB ports or cables with malicious software. When you plug in, your phone thinks it’s connected to a trusted device, and data starts transferring. Even free charging cables left behind could be a trap. If a cable is infected, plugging it in is like handing your phone to a cybercriminal. But what’s the worst that can happen? It can steal your personal data, install malware, or even lock you out of your own device. So how do you stay safe? First, avoid public USB charging stations. Use a portable battery instead. If you must charge, use a wall AC outlet with your own charger. If you see a prompt asking to trust the device, always select Don’t Trust or Charge Only. For extra protection, use a USB data blocker to prevent data transfer while charging. And never use random charging cables. They could be compromised. Juice jacking can happen anywhere, but now you know how to protect yourself. For more cybersecurity tips, visit keeper security dot com and stay ahead of cyber threats.

Continue reading to learn how juice jacking works, where it most often occurs and how to protect your devices, especially while traveling.

How juice jacking works

Juice jacking is considered a hardware-focused Man-in-the-Middle (MITM) attack. Unlike a traditional charging-only outlet, USB ports are designed to transmit data in addition to delivering power, which is exactly the feature that hackers exploit.

To carry out a juice jacking attack, a hacker first has to compromise a public USB charging station or USB cable. They can do this by installing malware directly into the charging station or embedding malicious code into the cable. Often, hackers leave these infected cables in public spaces, hoping an unsuspecting victim will see one as a lucky find to charge their device. Once a device is plugged into the compromised charging station or cable, a hacker can install malware onto the victim’s device and steal sensitive data. Hackers can then use that stolen data to conduct more cyber attacks, access bank accounts, steal funds or even commit identity theft.

What can juice jacking do to your device?

Juice jacking isn’t just about stealing your personal information; it can lead to more serious cyber attacks and security risks. Here’s what hackers can do to your device if you fall victim to a juice jacking attack:

Steal sensitive data: The main goal of juice jacking is typically data theft. Once your device is plugged into an infected charging port or cable, hackers can access personal information like contacts, photos, emails and login credentials without your knowledge. In some cases, they can create a full backup of your device if it stays plugged in long enough.
Install malware: Juice jacking can be used to install malware directly onto your device. Types of malware that could infect your device include spyware that monitors your activity and keyloggers that capture everything you type. Some malware runs in the background, undetected, while collecting data long after you’ve unplugged your device.
Lock you out of your device: In more advanced juice jacking attacks, your device could be taken over entirely. Hackers may install ransomware or other malicious software that locks you out. From there, they can demand a payment or block your access permanently, holding your device and sensitive data hostage.
Spread malware to other devices: Since infected devices act as carriers, your device might unintentionally spread malware to other systems after a juice jacking attack. If your compromised device is later connected to a clean charging station, the malware could spread to other devices connected to that station, creating a domino effect of malware infections in what’s called a multi-device attack.

Common juice jacking examples

Juice jacking often occurs in places where people need to charge their devices quickly and don’t think twice about plugging them in. Here are some common scenarios where juice jacking can happen.

Airports

One of the most frequent locations for juice jacking is airports. In March 2025, the TSA warned travelers to avoid plugging their devices into public USB ports in airports due to a rise in juice jacking attacks. Since travelers often scramble to find an open USB port during long layovers or delays, public charging stations in terminals and at gates are easy to access — and just as easy for hackers to compromise.

Hotels

In hotel lobbies and rooms, guests can typically find USB charging hubs as a convenience, but these USB ports may be tampered with or swapped out entirely by a hacker. This risk is greater in less secure or lower-budget hotels, but even complimentary charging cables provided by a hotel could be infected with malware if purchased from a questionable vendor.

Fitness centers

Many modern gyms offer USB charging stations in locker rooms or near workout equipment. Since people may leave their phones unattended while charging during a workout, gyms can be vulnerable to hackers installing or exchanging infected cables without anyone noticing.

Public lounge areas

Coffee shops, libraries and co-working spaces are popular places to charge your device and be productive. However, the more popular a location is, the more opportunities a hacker has to install malicious hardware or leave a compromised charging cable behind as a “lucky find” for the next victim.

How to prevent juice jacking

With a few simple precautions, you can protect your data and devices from juice jacking while staying fully charged. Here are some tips to stay safe:

Check for tampering

Before plugging your device into a public charging station, inspect USB ports and cables for signs of tampering. Key things to look for include loose parts, unusual attachments or cables that don’t seem to belong. If something feels off, it’s safer not to use that port or cable.

Don’t use lost or unverified chargers and cables

It may be tempting to use a charger or cable you find lying around, especially if your battery is low. However, using a lost or unverified charger or cable is one of the easiest ways to become a victim of juice jacking. Hackers may purposefully leave infected chargers or cables in public places, hoping someone will plug in a device. These chargers and cables may contain malware designed to steal your data the moment you connect your device.

Carry a portable battery and your own USB cables

Instead of relying on public charging stations, bring a portable power bank and trusted USB cables. Using your own equipment significantly reduces the risk of plugging into a compromised port or cable. If you forget to bring a USB cable, be cautious of unofficial vendors at places like airports because they may not know their own cables are infected with malware.

Use AC power outlets instead of USB ports

Whenever possible, charge your device with a standard AC power outlet rather than plugging directly into a USB port. Unlike USB ports, AC outlets supply only power. Since they can’t transmit data, charging from a wall socket with your own charger and cable eliminates the possibility of your data being accessed or stolen.

Always select “Charge Only” or “Don’t Trust” when prompted

Many devices ask whether you want to “trust” the connected USB device or allow data transfer while charging, especially at public charging stations. Always select “Charge Only” or decline trust to block data exchange, preventing hackers from accessing your device.

Invest in a USB data blocker

A USB data blocker, or a USB condom, is a small adapter that physically blocks the data pins inside a USB connection. The blocker allows only the power pins to connect between your device and the charging source, meaning no data can be transmitted in either direction while your device charges. This tool acts as a barrier between your device and any potentially compromised USB port or cable, making juice jacking attacks ineffective.

Keep your devices and data safe from juice jacking

Juice jacking isn’t a new cyber threat, but it’s regaining popularity as people grow more connected through various devices and need to stay charged. Knowing how juice jacking works and the common places where it happens can help you protect your devices and personal data. Whether it’s carrying your own charger, using a USB data blocker or avoiding public charging stations, it’s important to stay alert and prepared wherever you go.

Frequently asked questions

Are iPhones protected from juice jacking?

While iPhones have built-in security features, such as the “Trust This Computer” prompt, they are not completely immune to juice jacking. You can decline data access and keep your iOS updated to reduce risk, but plugging an iPhone into a compromised charging station could still infect it with malware. To protect your iPhone, it’s best to use your own charger and cable, plug only into AC power outlets or use a USB data blocker when charging in a public space.

Is juice jacking a real problem?

Yes, juice jacking is a legitimate security risk, especially in public places like airports, hotels and coffee shops, where large numbers of USB charging stations are available. Although widespread juice jacking attacks are somewhat rare, the potential for malware infection and device takeovers is significant. Hackers exploit the convenience of public USB ports to find victims, making it crucial to stay cautious and take proper measures when charging in public.

Why does TSA say not to charge your phone at the airport?

The TSA advises against charging your phone at public charging stations in airports because these stations can be vulnerable to juice jacking attacks. Since USB ports transfer both power and data, plugging into a compromised charging station could allow hackers to steal your data or install malware. To reduce this risk, the TSA recommends using your own charger with a power outlet or carrying a portable battery instead of relying on public charging stations or ports.

Aranza Trevino

By Aranza Trevino

Aranza Trevino is the SEO & AI Search Manager at Keeper Security. She combines her background in digital marketing from DePaul University with a passion for cybersecurity to create content that helps people and businesses stay secure. Her writing covers everything from password best practices to Privileged Access Management (PAM), with a focus on making technical topics easy to understand.