Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Choicejacking Attack Steals Phone Data

July 31, 2025
Reading Time: 2 mins read
in Alerts
Hackers Spread JSCEAL via Fake Crypto Apps

Cybersecurity researchers have uncovered a new threat called Choicejacking that makes using public phone chargers incredibly risky. This method is an evolution of the older “juice jacking” attacks, but it cleverly sidesteps the security updates that were created to stop them. The new technique can force a smartphone to grant an attacker unauthorized access, often before the user even realizes their device is compromised.

From Juice Jacking to Choicejacking

The original threat, juice jacking, involved hackers using infected public charging stations to either steal data or install malware on connected phones. In response, smartphone manufacturers updated their operating systems to require user permission for any data transfer, giving people a choice between “charge only” and file access. However, researchers from Graz University of Technology in Austria have now found a way to bypass this security prompt entirely, tricking the phone into thinking the user has approved data transfer when they haven’t.

How the Attack Works

Choicejacking doesn’t rely on traditional malware. Instead, a malicious charging station spoofs input devices like a USB keyboard or Bluetooth device to fake user actions. It can use these fake inputs to quietly switch the phone into data-transfer or debug mode, a process that takes less than 133 milliseconds—faster than a human can blink. This speed means the phone grants access before the user has any chance to see a prompt or intervene.

According to cybersecurity advisor Adrianus Warmenhoven, the primary danger of Choicejacking is that it manipulates the device into making decisions the user never intended. Once the malicious charger tricks the phone into granting access, an attacker can secretly view photos, read messages, or install malicious software. It exploits the user’s trust in the security prompts that are supposed to keep them safe, creating a dangerous illusion of control.

The discovery of Choicejacking reinforces the long-standing warning from cybersecurity experts: do not trust public USB ports. Whether at an airport, hotel, or café, a compromised charger could be waiting to hijack a device. This warning is crucial for both Android and iOS users, as the underlying vulnerabilities exist on various platforms. The research detailing this attack has been accepted for presentation at the prestigious 34th USENIX Security Symposium in August 2025, highlighting the seriousness of the threat.

Reference:

  • Choicejacking Attack Lets Hackers Steal Data from Phones Using Public Charging Stations
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityJuly 2025
ADVERTISEMENT

Related Posts

Experian Fined For Data Collection

TikTok Videos Driving Infostealer Attacks

October 20, 2025
Experian Fined For Data Collection

Chrome Extensions Hijack WhatsApp Web

October 20, 2025
Experian Fined For Data Collection

Google Ads Used To Push Fake Software

October 20, 2025
Sothebys Data Breach Exposes Customers

Microsoft Pulls 200 Suspicious Certificates

October 17, 2025
Sothebys Data Breach Exposes Customers

NK Hackers Hide Malware In Blockchain

October 17, 2025
Sothebys Data Breach Exposes Customers

Hackers Spread Malware With Blockchain

October 17, 2025

Latest Alerts

TikTok Videos Driving Infostealer Attacks

Chrome Extensions Hijack WhatsApp Web

Google Ads Used To Push Fake Software

Microsoft Pulls 200 Suspicious Certificates

NK Hackers Hide Malware In Blockchain

Hackers Spread Malware With Blockchain

Subscribe to our newsletter

    Latest Incidents

    AWS Outage Disrupts Major Services

    Envoy Air Hit By Oracle System Hack

    F5 Breach Hits 262000 BIGIP Systems

    Pro Hamas Hackers Target Airport Speakers

    Prosper Breach Hits 17 Million Accounts

    Sothebys Data Breach Exposes Customers

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial