The growing popularity of power supplies with increased power did not remain without attention of hackers. According to Chinese security experts are using the vulnerability of iron power, attackers can damage not only charging, but connected to them smartphones.
Unit Xuanwu Lab, part of the tech giant Tencent, told about the mechanism of the attack, dubbed BadPower, writes ZD.
How it works
Hackers carried out the substitution of the numeric values in the firmware of the power supply, artificially raising the output voltage and current. These actions lead to components overheating when charging – it is, in turn, can cause breakage of the accessory of the gadget and cause a fire.
Hackers have learned to “burn” charging at a distance
Quick chargers are not only a set of primitive radio components, but also include a chip with their own firmware. The objective of this firmware is low-level “communication” between the power unit and the smartphone to correct the value of voltage and current. The danger of BadPower mechanism is that changing the firmware settings of the microcontroller occurs without symptoms, and the procedures needed within minutes.
The solution to the problem
In the study, experts Tencent has been tested 35 chargers from different manufacturers, 18 of which were vulnerable to this method of hacking. On the device the problem can be solved with firmware updates, but the “patch” their own power supply, the user will not be able. Now manufacturers are already taking suggestions for the protection from vulnerability BadPower planning to integrate a reliable way to encrypt firmware in a new version of the chargers.
Share the news