Elyse Betters Picaro (with graphic elements from Ameythyststudio, Aleriimingirov, and Romansa design art via Canva) / ZDNET
Giving your phone some extra juice via a public charging station is always a handy option, but it may not be a safe one. As described in a new report from NordVPN, cybercriminals can now turn to a trick called choicejacking, in which they're able to transfer data from your phone to a device disguised as a charger.
What is choicejacking?
With this new method, a malicious device that looks like an innocent charging station or port manipulates different functions on your phone. As a result, your phone is tricked into connecting to the device in data transfer mode without your input or permission. Once that connection is made, the criminal's device can access and steal your photos, documents, contacts, and other personal files.
"Choicejacking is particularly dangerous because it manipulates a device into making decisions users never intended -- all without them realizing it," Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, said in the report. "Whether it's granting access to data or downloading malware, these attacks exploit the trust we place in everyday interactions with our smartphones."
Advanced upgrade to juicejacking
Choicejacking is actually a more advanced upgrade to the older practice of juicejacking. With juicejacking, hackers install software on charging stations at airports and other public spots that can then automatically scoop up data from your connected phone. In certain cases, your phone may lock down, preventing you from stopping the transfer before it's too late.
Juicejacking first popped up way back in 2011. But in a win for the good guys, mobile OS developers cooked up a way to stop this threat. Let's say a smartphone connects to a charging station. If the station indicates that it supports Media Transfer Protocol (MTP) or Picture Transfer Protocol (PTP) for data transfers, that means it's likely a hacker's device impersonating a charging station. In that case, the user is asked whether they want to allow a data transfer or just charge the phone.