#FactCheck: Phishing Scam on Jio is offering a ₹700 Holi reward through a promotional link

Introduction

In the hyper-connected era, something as mundane as charging your phone can become a gateway to cyberattacks. A recent experience of Assam Chief Minister Himanta Biswa Sarma has reignited fears of an emerging digital menace called juice jacking. Sarma, who was taking an Emirates flight from Delhi to Dubai, used an international charger and cable provided by another passenger on board. As he afterwards reported on X (formerly Twitter), the passenger got off while he slept and so could not return the borrowed items. Though most people admired the CM's humility and openness, cybersecurity experts and citizens were quick to point out a possible red flag, that it could be a juice-jacking attempt. Whether by design or not, the scene calls out to the concealed risks of using unfamiliar charging equipment, particularly for those who hold sensitive roles.

What Is Juice Jacking?

Juice jacking takes advantage of the multi-purpose nature of USB connectors, which can carry both electrical energy and information. Attackers hack USB ports or cables to either:

• Insert harmful payloads (malware, spyware, ransomware) during power transfer, or
• Create unauthorised data pathways for silent information exfiltration.

Types of Juice Jacking Attacks

1. Data Theft (Exfiltration Attack): The USB cable or port is rigged to silently extract files, media, contacts, keystrokes, or login information from the attached phone.
2. Malware Injection (Payload Attack): The USB device is set to impersonate a Human Interface Device (HID), such as a keyboard. It sends pre-defined commands (shell scripts, command-line inputs) to the host, loading backdoors or spying tools.
3. Firmware Tampering: In more sophisticated cases, attackers implement persistent malware at the bootloader or firmware level, bypassing antivirus protection and living through factory resets.
4. Remote Command-and-Control Installation: Certain strains of malware initiate backdoors to enable remote access to the device over the internet upon reconnection to a live network.

Why the Assam CM’s Incident Raised Flags 

Whereas CM Sarma's experience was one of thanks, the digital repercussions of this scenario are immense:

• High-value targets like government officials, diplomats, and corporate executives tend to have sensitive information.
• A hacked cable can be used as a spy tool, sending information or providing remote access.
• With the USB On-The-Go (OTG) feature in contemporary Android and iOS devices, an attacker can run autorun scripts and deploy payloads at device connect/disconnect.
• If device encryption is poor or security settings are incorrectly configured, attackers may gain access to location, communication history, and app credentials.

Technical Juice Jacking Indicators

The following are indications that a device could have been attacked:

• Unsolicited request for USB file access or data syncing on attaching.
• Faster battery consumption (from background activities).
• The device is acting strangely, launching apps or entering commands without user control.
• Installation of new apps without authorisation.
• Data consumption increases even if no browsing is ongoing.

‍

CyberPeace Tech-Policy Advisory: Preventing Juice Jacking

‍

1. Hardware-Level Mitigation
   
   1. Utilise USB Data Blockers: Commonly referred to as "USB condoms," such devices plug the data pins (D+ and D-), letting only power (Vcc and GND) pass through. This blocks all data communication over USB.
   2. Charge-Only Cables: Make use of cables that physically do not have data lines. These are specifically meant to provide power only.
   3. Carry a Power Bank: Use your own power source, if possible, for charging, particularly in airports, conferences, or flights.

2. Operating System(OS) Level Protections

1. iOS Devices:

‍

Enable USB Restricted Mode:

Keep USB accessories from being able to connect when your iPhone is locked.

Settings → Face ID & Passcode → USB Accessories → Off

‍

2. Android Devices:

Disable USB Debugging:

Debugging makes device access available for development, but it can be taken advantage of. If USB Debugging is turned on, and someone connects your phone to a computer, they might be able to access your data, install apps, or even control your phone, especially if your phone is unlocked. Hence, it should be kept off. 

Settings → Developer Options → USB Debugging → Off

‍

3. Set USB Default to 'Charge Only'

Settings → Connected Devices → USB Preferences → Default USB Configuration → Charge Only

‍

3) Behavioural Recommendations

• Never take chargers or USB cables from strangers.
• Don't use public USB charging points, particularly at airports or coffee shops.
• Turn full-disk encryption on on your device. It is supported by most Android and all iOS devices.
• Deploy endpoint security software that can identify rogue USB commands and report suspicious behaviour.
• Check cables or ports physically, many attack cables are indistinguishable from legitimate ones (e.g., O.MG cables).

Conclusion

"Juice jacking is no longer just a theoretical or obscure threat. In the age of highly mobile, USB-charged devices, physical-layer attacks are becoming increasingly common, and their targets are growing more strategic. The recent case involving the Assam Chief Minister was perhaps harmless, but it did serve to underscore a fundamental vulnerability in daily digital life. As mobile security becomes more relevant to individuals and organisations worldwide, knowing about hardware-based attacks like juice jacking is essential. Security never needs to be sacrificed for convenience, particularly when an entire digital identity might be at risk with just a single USB cable.

References

• https://www.indiatoday.in/trending-news/story/assam-chief-minister-himanta-biswa-sarma-x-post-on-emirates-passenger-sparks-juice-jacking-concerns-2706349-2025-04-09
• https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2016-0085
• https://www.fcc.gov/juice-jacking-tips-to-avoid-it
• https://www.cyberpeace.org/resources/blogs/juice-jacking
• https://support.apple.com/en-in/HT208857
• https://developer.android.com/studio/debug/dev-options

‍

Executive Summary

‍

A news video is being widely circulated on social media with the claim that Bihar Chief Minister Nitish Kumar has resigned from his post in protest against the ongoing UGC-related controversy. Several users are sharing the clip while alleging that Kumar stepped down after opposing the issue. However, CyberPeace research has found the claim to be false. The researchrevealed that the video being shared is from 2022 and has no connection whatsoever with the UGC or any recent protests related to it. An old video has been misleadingly linked to a current issue to spread misinformation on social media.

‍

Claim:

‍

An Instagram user shared a video on January 26 claiming that Bihar Chief Minister Nitish Kumar had resigned. The post further alleged that the news was first aired on Republic channel and that Kumar had submitted his resignation to then-Governor Phagu Chauhan. The link to the post, its archived version, and screenshots can be seen below. (Links as provided)

• https://www.instagram.com/reel/DT-obW1EmRd/?igsh=MWV0YWFvNW9lbWJqbA%3D%3D 
• https://archive.ph/vBlv8 

‍

‍

‍

Fact Check: 

‍

To verify the claim, CyberPeace first conducted a keyword-based search on Google. No credible or established media organisation reported any such resignation, clearly indicating that the viral claim lacked authenticity.

‍

‍

Further, the voiceover in the viral video states that Nitish Kumar handed over his resignation to Governor Phagu Chauhan. However, Phagu Chauhan ceased to be the Governor of Bihar in February 2023.  The current Governor of Bihar is Arif Mohammad Khan, making the claim in the video factually incorrect and misleading.

‍

‍

In the next step, keyframes from the viral video were extracted and reverse-searched using Google Lens. This led to the official YouTube channel of Republic Bharat, where the full version of the same video was found. The video was uploaded on August 9, 2022. This clearly establishes that the clip circulating on social media is not recent and is being shared out of context.

• https://www.youtube.com/watch?v=Yk-gC7KD3ao 

‍

‍

Conclusion

CyberPeace’s research confirms that the viral video claiming Nitish Kumar resigned over the UGC issue is false. The video dates back to 2022 and has no link to the current UGC controversy. An old political video has been deliberately circulated with a misleading narrative to create confusion on social media.

‍

Introduction

MGM Resorts, which is an international company, has suffered an ongoing cyberattack which led to the shutdown of a number of its computer systems, including its website, in response to a cybersecurity issue. MGM Resorts International is in touch with external cybersecurity experts to resolve the issue since it has affected its entire Computer systems. MGM is a larger entity and operates thousands of hotel rooms across Las Vegas and the United States. MGM Resorts shared about the incident and posted that MGM recently identified a cybersecurity issue affecting some of the Company's systems. Promptly after detecting the issue, they quickly began an investigation with assistance from leading external cybersecurity experts. MGM has notified law enforcement and took prompt action to protect systems and data, including putting down certain systems. MGM further stated that the investigation is ongoing. 

‍The issue 

Basic operations such as the online reservation and booking system MGM have been affected and shut down due to the cybersecurity issue faced by a lot of visitors. Since earlier times, casino security has been the state of the art as they were very vulnerable to attacks by robbers and con artists. This is what we have also seen in a lot of movies. In today's time, con artists and robbers are now strengthened by cyber tactics. This is exactly what was seen in the case of the MGM attack. 

MGM Resorts is home to best-in-class amenities and facilities for guests, but with the increase in tourist traction, the vulnerabilities and the scope of cyber attacks have also increased. This is also because of open wifis in the establishments and the transition of casinos to e-casinos, thus causing a major shift towards digital and technology-based intervention for better customer experience and streamlining a lot of operations. 

How real is the threat? 

As reported by MGM Resorts, the following systems were impacted in the cyber security attack: 

• Slots Machines: The slot machines placed in the casino suddenly went offline and displayed an error message for the players. Some players who were already using the slot machines lost their bets and were unable to withdraw their winnings. 
• Room Keys: Some of the guests reported that the room keys became unresponsive, and in some cases, the replacement keys were also inactive for some time, causing massive chaos at the reception.  
• Booking Status: All the bookings in today's time are made online; this was one of the worst-hit segments of the cyber attacks. Most of the bookings made automatically were put on hold, and the confirmations could be made only from the hotel reception, thus causing massive cancelling of the bookings and both the hotel and customers losing out on money.
• MGM App: The official app of MGM Resorts was completely down, thus causing a situation of confusion and panic among the guests. The users also received notifications to speak to different customer care executives, but some of the numbers were unattentive and seemed to be operated by bad actors. 
• Data breach: The main focus of the cyber attack was dedicated to committing a data breach. The attack led to the breach of personal data of most of the users registered on the app or on the system of MGM Resorts. 

‍

Conclusion 

The cyber attack on the tourism industry is a major and growing concern for the industry and its customers. Seeing the volatility of the data and the regular inflow of personal information this makes the hotel's cyber security system a vulnerable choice for bad actors. The cyber attack was no less than a fire sale, where in all the segments of the services offered were impacted. Similar attacks were reported by MGM in 2019 and 2020, and subsequently, the safety measures were also deployed, but the bad actors have hit the resorts chain owners again, in such cases the most paramount defence is having a safe and regularly updated firewall, upskilling of staff for IT issues and attacks, active reporting and investigation mechanisms for assisting the LEAs. In the times of rising cyberattacks, one needs to be critical of their data management and digital footprints. The sooner we adopt safe, secure and resilient cyber hygiene practices, the safer our future will be.  

‍

References:

https://www.bleepingcomputer.com/news/security/mgm-resorts-shuts-down-it-systems-after-cyberattack/

https://www.usatoday.com/story/tech/news/2023/09/11/mgm-cyber-attack-impact-resorts-hotels-us/70828503007/

https://www.cnbc.com/2023/09/12/mgm-resorts-cybersecurity-incident-forces-system-outage.html

‍