Everybody understands the risk of plugging your phone into a computer—but how about public USB charging stations? While we are travelling, working or simply on the go, public USB ports have become a convenient way to top up smartphones and other devices. But with convenience comes risk. USB-based attacks are not just an old threat—they remain a serious and evolving danger whenever you charge your device in public.
While JuiceJacking has long been a known USB attack, a new and more deceptive attack method called "ChoiceJacking" has emerged. According to Redmond Magazine, these USB security threats are far from obsolete and continue to be actively exploited.
Let's explore what ChoiceJacking is, how it differs from JuiceJacking, where you're most vulnerable, and how you can protect against this threat.
What is ChoiceJacking?
ChoiceJacking is a recently discovered cyberattack that exploits the user’s interaction with the USB charging menu that appears when connecting a phone to a public USB port. Typically, when you plug your device into a USB port, a prompt appears asking whether you want to "Charge only" or "Transfer data." ChoiceJacking manipulates this interface to trick you into making the wrong selection.
Through clever screen overlays and UI manipulation, attackers make it appear as though you're choosing the safe "Charge only" option, but behind the scenes, your device ends up in "Data Transfer" mode, exposing it to data theft and malware injection.
Here's how it works on a technical level: when a phone is connected to a compromised public USB port, the malicious device acts like a trusted computer by emulating USB host behaviour. It presents a deceptive user interface overlay, tricking the user into selecting 'Charge only' when in fact the device is being switched to 'Data Transfer' mode. The attacker can then access file systems, extract sensitive data, or install malware—particularly on Android devices with USB debugging enabled. This is made possible by exploiting the system UI through techniques like touchjacking or overlay attacks, where the visual interface doesn’t match the actual command being executed.
Researchers from TU Graz outlined the technical details in their paper published at USENIX, and security experts, including Kaspersky, have warned that this technique can be complicated to detect in real time. Read Kaspersky's blog on ChoiceJacking here.
How is ChoiceJacking Different from JuiceJacking?
JuiceJacking is a type of attack where malware or spyware is installed on a device through a compromised USB port. The user doesn't have to interact with the device for the malware to be installed. It's a passive attack that exploits the direct data connection between the charging station and the device.
ChoiceJacking, on the other hand, is more deceptive and requires user interaction. It targets the decision-making process by presenting a fake interface that misleads the user into enabling data transfer. This subtle manipulation means even security-conscious users can fall victim.
As Tom's Guide explains, this makes ChoiceJacking potentially more dangerous than traditional JuiceJacking because it plays on trust and user perception.
Where Are You Most at Risk?
ChoiceJacking and JuiceJacking attacks are most likely to occur in:
- Airports and train stations
- Hotel lobbies
- Shared workspaces
- Conference venues
- Cafes and public lounges
Anywhere offering free USB charging ports can be a potential attack vector. Because these ports are open to the public, attackers can either tamper with the physical port or place malicious devices in place of legitimate ones.
As Cybersecurity News reports, these attacks can happen without any visible sign, making it critical to protect your device proactively.
How to Protect Yourself with USB Data Blockers
The most effective way to protect yourself from both ChoiceJacking and JuiceJacking is by using a USB Data Blocker.
USB Data Blockers work by physically removing the data lines from the USB connection. This ensures that only power is transferred, and your device is incapable of entering data transfer mode—even if tricked. Our data blockers are Australian designed and tested - to ensure the best possible protection against any type of USB Attacks
Beyond using USB Data Blockers, there are other ways to reduce your risk of USB-based attacks. Always use your own charger and cable rather than public USB ports when possible. If you must use public charging stations, consider carrying a portable power bank as a safer alternative. Keep your device’s operating system and security software up to date to patch known vulnerabilities. Disable USB data transfer or file sharing options in your device settings if you only need to charge. Lastly, be cautious of unexpected prompts when connecting to USB ports and avoid accepting any permissions you don’t fully understand.
USB Hacking can be easily prevented
ChoiceJacking is a clear warning that even everyday actions—like charging your phone—can open the door to serious threats. As cyberattacks become more advanced and harder to detect, your defences need to be smarter too. Understanding the risks and arming yourself with simple, practical tools like a USB Data Blocker is one of the easiest ways to take back control.
