Malware spotlight: Juice jackers

Introduction

“Juice jacker” is a term for any number of malware and malware families that infect unsuspecting mobile devices plugged into public USB charge ports — you know, the ones that are sprinkled throughout most major airports and public venues. This type of malware provides a good illustration of how risk is at the heart of information security, and it is more dangerous than its largely hardware-centered cousin.

This article will detail the juice jacker type of malware. We’ll explore what juice jackers are, how they differ from the hardware type of juice jackers, how the malware type of juice jackers work, how juice jackers affect the real world, and how this type of malware can be thwarted.

What are juice jackers?

Imagine being in a major airport. After the hustle and bustle of checking in to your flight, you realize you forgot to fully charge your mobile device. Worse, it is currently at 5% battery power and you left your USB charger at home. Like most, you may opt to use one of the free USB charging stations that are all over the airport.

However, this may prove to be the death knell of your mobile device. Public USB chargers can be loaded with malware waiting to sink its proverbial teeth into your device.

A juice jacker is a catch-all type of malware that includes all malware loaded onto public USB charging stations. Whether the malware is a backdoor, banking Trojan or keylogger, this type of malware has one goal: to steal information and install malware that will further the goal and establish a presence on the device. This differs from the hardware type of juice jackers, which will be discussed below.

It should also be noted that while some consider juice jacking merely a type of attack, malware (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/zSEbwrzNvnc/