How To Keep Your Android Safe From The New “Choicejacking” Attack: Security experts at NordVPN, the brand behind one of the best VPN deals out there, have found a scary new cyberattack that can take over your phone in just 133 milliseconds. That is actually faster than a human blink.
Hackers Can Hijack Your Phone in 133 Milliseconds
This new threat is called choicejacking, and it is a sneaky way for hackers to get around your phone’s permission settings without you even saying “yes.” They have figured out how to bypass the built-in protections on Android devices, making it frighteningly easy to break in.
If it works, your phone could be tricked into handing over full access to your data without you having any idea. While you think you are just charging your battery, someone could be digging through your photos, contacts, and personal files.
Choicejacking: The Sneaky New Cyber Threat
“Choicejacking is particularly dangerous because it manipulates a device into making decisions users never intended, all without them realising it,” warns Adrianus Warmenhoven, a cybersecurity advisor at NordVPN. He says these attacks take advantage of the trust we naturally have when using our devices.
You plug your phone into what looks like a normal charging station, maybe at an airport, hotel, or café. But in reality, the charger is a disguised attack tool. It pretends to be a safe USB or Bluetooth device, then tricks your phone into turning on data-transfer or debugging mode without asking you first.
Once that happens, malware can be installed on your phone in less time than it takes you to blink. Your device ends up “making choices” for you, letting the fake charger grab all your stored info.
The worst part is that it skips the usual safety prompts you would normally see, like that pop-up asking if you “trust this device” when you plug into something new. Hackers have figured out how to quietly get past those warnings altogether.
Warmenhoven’s advice is clear: do not trust public USB ports. “Public USB ports should never be treated as safe, and awareness is the first line of defence.”
Other Tricks Hackers Have Used to Fool You
Before choicejacking, cybercriminals already had tricks to mess with your decisions. They used dark patterns, which are fake pop-ups or messages designed to make you click the wrong button.
They also used clickjacking, where you click something that looks harmless but actually gives hackers control. And there was nudging, which makes the “wrong” choice seem safer or easier, so you will pick it without thinking.
There is no need to panic. A few smart habits can keep you safe. Keep your phone updated with the latest security patches, as they often fix the loopholes hackers rely on. Try not to let your battery drop under 10 percent too often, so you are not tempted to use any charger you find.
Carry a portable power bank, which is the safest option because you know exactly where it came from. If you must charge in public, use a wall outlet with your own charger instead of built-in USB ports, as those are the ones hackers target most. Android users should use “Charge only” mode whenever possible, since it adds another layer of protection.
How to turn on “Charge only” mode
-
Plug your phone into a charger.
-
Swipe down to open your notification panel. You should see something like “Charging this device via USB” or “USB for file transfer.”
-
Tap that USB notification to open your USB preferences.
-
Choose “Charge only” or “Charging phone only.”
This way, the next time you are out and about, you can power up without giving cybercriminals a free pass into your phone.
ALSO READ: Is GPT-5 Really Here? The Truth Behind The “Introducing GPT-5” Message
