The WandMan logo
Security

Even Fast Chargers are not safe from hackers

The WandMan Team May 28, 2021 0 1 min read
1,276

Attackers can alter the firmware of fast charger devices

Fast charging is fast becoming commonplace across smartphones and other devices. As wattage and voltage increase, charging times decrease, making this technology a must-have for those on the go. But while the convenience of fast charging is clear, the technology can also be used maliciously.

Detailed by Tencent’s Xuanwu Lab (via ZDNet), a vulnerability called BadPower can modify the firmware of some fast chargers.

How is this possible?

BadPower corrupts a fast charger and effectively stops its chip’s firmware and the charging device from agreeing on a set voltage. Some fast chargers can push 20 volts, but some devices can only safely accept 5V. By overloading a device with more voltage than it can handle, researchers found that they could cause some devices to burst into flames.

While researchers used a “special device disguised as a mobile phone” to corrupt a fast charger’s firmware, researchers believe that phones, laptops, and other devices infected with the requisite “malicious programs” can be used in a similar way.

BadPower may not seem as invasive as data-stealing malware or ransomware, but it does demonstrate how one infected device or one corrupted fast charger could physically destroy a number of others. The researchers also found that at least 18 of the 35 fast chargers they tested could be vulnerable to BadPower.

Of those 18, 11 could be corrupted using “digital terminals” or phones and other devices that support fast charging. The researchers did not detail which companies’ chargers were affected.

Possible solutions

To mitigate the risks, researchers suggest manufacturers add additional fuses to devices that support lower voltage fast charging. For users, they warn against easily dishing out your phone charger or power bank to others.

End users are advised to keep their devices safe by not giving their own fast charger and power bank to others and by not using those belonging to other people or establishments.

Ultimately, though, this is a problem that has to be solved by the manufacturers.

They should make sure that fast chargers’ firmware is without common software vulnerabilities and make sure that firmware can’t be modified without authorization.

Watch the demo of this attack in this video below

Follow our Facebook and Twitter page for more contents and news.

Author

The WandMan Team

See author's posts

Tags :

The WandMan Team

View More Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Elon Musk targeted by Anonymous Group over crypto tweets

Hacktivist group ‘Anonymous’ has now targeted Tesla CEO and billionaire, Elon Musk over his tweets that shake the crypto market.

June 6, 2021 0 1 min read

Apple AirTags got hacked for real

Apple AirTags has reportedly been hacked by a German cybersecurity researcher. The researcher used reverse-engineering on the latest Apple device’s microcontroller to do this

May 15, 2021 0 1 min read

McDonald’s suffers massive data breach in some regions

Fast-food giant McDonald’s Corp has fallen prey to a data breach after unauthorized activity was detected on its network.

June 12, 2021 0 1 min read

Android apps caught stealing Facebook credentials

Google has removed a few popular Android apps from PlayStore that were caught red-handed for stealing user’s Facebook credentials.

July 7, 2021 0 1 min read