[Security Issue] Emerging Cyber Threat: USB Port Hacking
USB port hacking is a rapidly emerging form of cyberattack in today’s digital landscape. The threat has become so serious that both the FBI and the Federal Communications Commission (FCC) have issued official warnings in recent years. Notably, the FBI’s Denver field office advised the public to “avoid using free charging stations at airports, hotels, and shopping centers,” cautioning that malware and monitoring software can be delivered to devices via public USB ports. Emerging Cyber Threat USB Port Hacking
This issue gained widespread attention after several cybersecurity research institutes reported real-world incidents and verified the risks involved.
In particular, as of 2024 and 2025, numerous domestic and international cases have been reported involving the distribution of cryptocurrency mining malware via USB devices. Furthermore, intelligence indicates that a hacking group known as UNC4990 has been systematically spreading malware through USB-based attacks. In January 2025, awareness among Apple users rose sharply when a new security vulnerability was discovered targeting the USB-C port on iPhones. Emerging Cyber Threat USB Port Hacking
Key Threats and Methods of USB Port Hacking
- Exploiting public USB charging stations and cables
One of the most well-known USB hacking methods is “Juice Jacking.” This technique involves leaking smartphone data by embedding malicious software into USB chargers installed in public locations. Charging stations found in everyday places such as airports, shopping malls, and cafés have become frequent targets for hackers.
According to real-world cases, cybersecurity experts warn that criminals can gain unauthorized access to electronic devices by injecting malicious code into public USB charging stations. Malware delivered through compromised USB ports can lock devices or transmit personal data and passwords directly to attackers. The FBI considers this risk significant and recommends avoiding public charging stations altogether, especially during the busy summer travel season.
- Bad USB and other malicious hardware attacks
Bad USB refers to an attack method that alters the firmware of a USB device to make it appear as a regular storage device while performing malicious functions in the background. These attacks are particularly dangerous because they are difficult to detect with standard antivirus software and are recognized as trusted devices by operating systems.
In a recent case, the hacking group UNC4990 was found to be planting malicious files on USB drives, prompting victims to execute them manually.
In Korea, cases of malware distribution via USB devices have also been confirmed in 2025, specifically targeting cryptocurrency mining. According to AhnLab, malware has been spreading through USBs, and with the rising value of cryptocurrencies, mining malware that hijacks PC resources without user consent is actively circulating. This kind of unauthorized activity can significantly degrade system performance and may be considered illegal.
- Exploiting corporate and institutional security vulnerabilities
USB-based attacks targeting companies and institutions are more sophisticated and organized. Notably, a security vulnerability discovered in the iPhone’s USB-C port showed that malicious code could be installed despite Apple’s strict security measures. The flaw exploits the ACE3 controller chip, which manages charging and data transfers on iPhones, and demonstrates the potential to bypass traditional USB Restricted Mode.
At the organizational level, executives and employees often use USB drives they’ve picked up from unknown sources. These so-called “bait USB” attacks are especially common overseas. In such cases, attackers deliberately drop infected USB drives in parking lots or near office entrances, waiting for curious employees to plug them into company computers.
Government and Institutional Response Strategies
The U.S. government has recognized the seriousness of USB port hacking and is taking systematic measures to address it. The FBI has been issuing warnings against the use of public charging stations since 2023, and the Federal Communications Commission (FCC) has labeled juice jacking as a “new form of cyber theft,” urging the public to remain cautious. In South Korea, cybersecurity authorities have also been issuing alerts about the risks of juice jacking attacks. In July 2024, local security reports warned of potential data leakage from smartphones when using USB chargers in public places. An ongoing public awareness campaign is being conducted to educate users about these threats.
Device manufacturers are continuously releasing firmware updates and security patches to mitigate USB-related vulnerabilities. Smartphone manufacturers, in particular, are working to strengthen restrictions on data access via charging ports. Apple, for example, has introduced a feature called USB Restricted Mode, which blocks data access after a period of inactivity. However, as noted earlier, even these security features are not foolproof and require ongoing enhancement. Operating systems are also evolving to offer more transparent warnings when USB devices are connected and to provide users with more granular control over data access permissions. Platforms such as Windows, macOS, Android, and iOS are all moving toward stricter security models that require users to grant explicit approval before any data transmission occurs via USB connections.
USB port hacking is a real and serious security risk—it is no longer just a theoretical threat.
At the individual level, it’s crucial to avoid using public USB charging stations whenever possible and to make it a habit to carry personal chargers and cables. If you must use a public charging station, consider using a charge-only cable or a USB data blocker to physically prevent data transfer. Users should also avoid plugging in USB devices of unknown origin, carefully read any security warnings that appear on their device when connecting a USB, and make informed decisions about granting data access permissions. Keeping operating systems and antivirus software up to date is a basic but essential part of staying protected.
In corporate environments, it’s important to establish clear policies on USB usage and provide comprehensive employee training. Reducing reliance on USB devices—and transitioning to cloud-based data storage and file sharing platforms—can serve as a safer, more modern alternative, especially in line with current IT infrastructure trends. Emerging Cyber Threat USB Port Hacking
* Would you like to learn more?
We invite you to discover how we can help your business.