Plugging in could hack you, CICC flags malicious charging cables

• Photo shows the Data Blocker Pro used by Scam Watch Pilipinas to protect devices from cable-based attacks. This can be classified as juice jacking, but unlike earlier juice-jacking attacks that relied on compromised charging ports or outlets, this newer method embeds the attack directly into the cable itself. That is why a data blocker must be placed between the device and the cable, not between the cable and the power source.

DECODED: TECH, TRUTH, AND THREATS

By Art Samaniego

The Cybercrime Investigation and Coordinating Center has issued a warning about so-called “malicious cables” being sold online that could potentially be used to access data or compromise devices when plugged into phones or computers, according to an ABS-CBN report.

Undersecretary Renato “Aboy” Paraiso of the CICC was quoted as saying that authorities are monitoring malicious charging cables being marketed online to unsuspecting buyers and that more information on the threat will be released soon.

The government has reiterated its warning, emphasizing that these modified accessories may compromise electronic devices when connected to phones, tablets, or laptops.

According to Paraiso, the Cybercrime Investigation and Coordinating Center has noted that charging cables are designed to transmit both power and data. In contrast to standard charging cables, these modified versions exploit the data lines within USB cables, enabling attackers to extract information, inject commands, or install malicious software upon device connection.

Scam Watch Pilipinas advised the public to take the government’s warning seriously, while emphasizing that such attacks are unlikely to target ordinary users. Drawing from my professional experience as a cybersecurity analyst, these malicious cable attacks are expensive to design, deploy, and operate, rendering them impractical for widespread exploitation.

Due to the significant expense and technical complexity involved, these attacks are typically directed at high-value targets, including government officials, corporate executives, journalists, or individuals with access to sensitive systems or confidential information. The primary objective in these instances is targeted data collection and intelligence gathering, rather than indiscriminate disruption.

Individuals who consider themselves at risk are advised to use a USB data blocker, also referred to as a “USB condom.” This compact adapter is inserted between the charging cable and the device, physically blocking data transmission while permitting only electrical power to pass. By separating power delivery from data transfer, the adapter effectively neutralizes the attack vector exploited by malicious cables.

Scam Watch Pilipinas reiterated that consumers should purchase charging accessories exclusively from authorized sellers, avoid using unfamiliar cables or public charging stations, and stay informed without resorting to unnecessary alarm.

The group emphasized that awareness and adherence to basic precautions constitute the most effective defense against hardware-based cyber threats.