We expose an USB vulnerability in some vendors’ customization of the android system, where the serial AT commands processed by the cellular modem are ex-tended to allow other functionalities. We target that vulnerability for the specific vendor system and present a proof of concept of the attack in a realistic scenario environment. For this we use an apparently inoffensive smartphone charging sta-tion like the one that is now common at public places like airports. We unveil the implications of such vulnerability that culminate in flashing a compromised boot partition, root access, enable adb and install a surveillance application that is im-possible to uninstall without re-flashing the android boot partition. All these at-tacks are done without user consent or knowledge on the attacked mobile phone.