Sign In

Communications of the ACM

ACM TechNews

BadPower Attack Corrupts Fast Chargers to Melt or Set Your Device on Fire


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
An equipment fire, the result of the BadPower exploit.

Chinese security researchers said they can corrupt the firmware of fast chargers to cause damage to the items they charge.

Credit: Tencent

Chinese security researchers from Tencent's Xuanwu Lab said they can corrupt the firmware of fast chargers to cause damage to the items they charge.

The BadPower exploit alters the default charging setting to deliver more voltage than the receiving device can manage; the technique needs no prompts or interactions, and the attacker only has to connect an attack rig to the fast charger, wait a few seconds, then leave, having corrupted the firmware.

When the user connects their infected device to the fast charger, the malware modifies the charger's firmware, and the charger will overload any subsequently linked devices, melting or even setting them on fire.

The Tencent team found that although updating device firmware can eliminate the BadPower vulnerability, this option is lacking in many fast-charging chips.

The researchers alerted all affected vendors and the Chinese National Vulnerabilities Database, suggesting tougher firmware safeguards and deployment of overload protection to charged devices.

From "BadPower Attack Corrupts Fast Chargers to Melt or Set Your Device on Fire"

ZDNet (07/20/20) Catalin Cimpanu
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found