On some fast-charging chargers, an attacker could take advantage of the ability to read and write via the USB port to send malicious code and change the charger firmware, according to researchers in China.
Έyou fast charger It's supposed to recharge a phone's battery in minutes. The problem is that a hacker can damage the charger firmware and cause your devices to catch fire.
Security researchers in China have recently managed to "infect" a variety of malicious fast chargers to provide more voltage than a connected device could handle. The overload caused a spark, burning and melting of the components inside the affected electronics.
The foundings from Tencent's Xuanwu Laboratory, which identified a potential problem with the technology. For power, fast chargers use a USB port, which is connected to your smartphone via cable. However, in some cases the same USB port also acts as a data connection, allowing you to read and write information to the charger firmware.
According to Xuanwu Lab, connecting data to these USB ports has no safeguards to prevent breaches. As a result, an attacker could take advantage of the read and write capability to send malicious code to change the charger firmware.
By default, the fast charger is only supposed to provide the standard 5 volts for devices that do not support the fast charge standard. However, by rewriting the firmware, the charger can continuously deliver up to 20 volts, which will cause a dangerous overload.
The firmware can also be used to send incorrect signals. For example, the charger may tell a connected smartphone that supports fast charging that it provides 5 volts of power. In reality, though, the charger provides 20 volts, which it probably will destroy the battery over time.
The lab presented the vulnerability of "BadPower" in a video. The malicious code is transmitted to a smartphone, which transmits the attack as soon as it is connected to the fast charger. Once the firmware is changed, the charger first delivers 5 volts of electricity before rapidly increasing to 20 volts.
In the video, the lab then connects the fast charger to an electronic product, which started sparking 10 seconds after it was connected.
According to Xuanwu Laboratory, there are at least 234 fast charging products on the market. He decided to try 35 of them and found that 18 of the eight different brands suffered from the "BadPower" vulnerability.
The lab did not name the vulnerable products, but has contacted affected vendors and China National Vulnerability Database about the potential risk. The good news is that vendors can fix the problem with a firmware update, which can be delivered via a connected smartphone.
To solve the problem, the lab recommends that manufacturers install protections around the USB data connection of fast chargers or disable the function altogether. Also, the firmware of the chargers should be checked for any vulnerabilities.
[the_ad_group id = ”966 ″]
ΜDo not forget to join (register) in our forum, which can be done very easily by the following button…
(If you already have an account in our forum you do not need to follow the registration link)
Follow us on Telegram!
