BadPower - Fast Charger Might Burn Your Device - PC SEEKERS

BadPower - Fast Charger Might Burn Your Device

Photo by ready made from Pexels

Fast chargers are meant to charge your device, be it a smartphone or a laptop, to provide hours worth of battery just by charging it for few minutes. Fast chargers look more or less like normal chargers but they have a special firmware that they use to "talk" to the connected devices to determine the charging speed based on the device's capabilities.

If the fast charging feature is not supported by the device which is connected to the charger then the charger just supplies the standard 5V, but if the connected device can handle fast charging then the fast charger can deliver up to 9V or 12V or 20V depending on the capabilities of the fast charger and the connected device.
 
Security researchers at Xuanwu Lab in China recently said that they can alter a Fast charger's firmware to cause damage to or burn the device that it is connected the fast charger whose firmware has been altered.

How Does It Work?

The security researchers tested 35 chargers from 234 models available on the market and found 18 of them from 8 different brands suffered from BadPower vulnerability.
Tencent Security Lab demonstrated this BadPower vulnerability in a video. Once the firmware is altered, the fast charger first delivers 5V of electricity for few seconds before quickly ramping up to 20V which not all the devices support.

In the video the demonstrator connected the fast charger to a battery with a circuit board and it began to spark at around 10 seconds after it was connected.
BadPower works by modifying the default charging power of the effected fast charger to increase voltage and then damaging that device that is connected to the fast charger.

BadPower attack is automated and doesn't require any special equipment to deploy, as demonstrated by the demonstrator in the video, it can also be installed on smartphones and laptops which ones connected to the charger even for a few seconds will change/modify the firmware on the fast charger. Then whenever you connect any device to the charger, it will output unnaturally high amounts of voltage which the device might not have been designed to handle thereby resulting in damage to the device.

“All products with BadPower problems can be attacked by special hardware, and a considerable number of them can also be attacked by ordinary terminals such as mobile phones, tablets and laptops that support the fast charging protocol", the researchers say.

The lab didn't name the vulnerable products but it has contacted the affected vendors about the potential danger. The good news is the vendors can patch the problem with a firmware update via a connected smartphone. But the lab has also stated that 18 fast chargers have been identified to not ship with any firmware update option that could have fixed the problem.

What Can You or I Do?

We just have to follow the practices that the manufactures have recommended us to,
  1. Charge your devices with the certified chargers that came out of the box with the device.
  2. If in case your charger is damaged, only buy/use certified chargers that are rated for the same power capabilities as the device manufacturer recommended.
  3. Now would not be a good time to borrow chargers from strangers or lend your charger to strangers as the attack can be caused by a smartphone too without requiring any special equipment.
  4. Never charge your devices overnight.
  5. Do not use your smartphones while charging considering the amount of batteries/devices that have been burning in flames recently.

No comments:

Post a Comment

•Comments should be written in English.
•Spam and promotional links are not allowed in comments and will be deleted.
•Outgoing links to relevant articles are allowed in the comments, but the comment should also be relevant to the article.
•Comments containing abusive or offensive language or content will be deleted. This includes abusive, offensive, attacking, threatening, vulgar and/or misleading content or language.
•Comments that attack or harass any individual will be deleted.
•PC Seekers Moderators have the right to edit or delete any comment submitted to the site without any prior notice.
•If you have any queries about the commenting policy, do let us know through the Contact Us page.