CATEGORIES
home News

Dangerous BadPower Hack Can Destroy Fast Chargers And Set Devices Ablaze

by Shane McGlaunTuesday, July 21, 2020, 09:46 AM EDT
phone charger

Security researchers from China have outlined a new attack dubbed BadPower that can alter the firmware of fast chargers to cause damage to power systems of connected devices. Using the technique, the researchers say they can melt components or potentially set devices on fire. BadPower was detailed last week in a report published by Xuanwu Lab, which is a research unit of Chinese tech giant Tencent.

BadPower works by corrupting the firmware of fast chargers, which are a newer type charger developed in the last few years that enables battery of smartphones and laptops to be topped off in rapid fashion. One key difference between regular chargers and a fast charger is the firmware inside the latter that can talk to connected devices to negotiate charge speed based on the device's capability. That firmware can determine if fast charging is supported and, if not, delivers a standard 5V charge.

tencent burn
(Image via Tencent)

BadPower alters the default charging parameters to deliver more voltage than the attached device can handle. That additional voltage degrades and damages the receiver components inside the connected device, causing components to heat up, bend, melt, or even burn. The researchers say that the attack is silent, with no prompts or interactions needed to be performed by the attacker.

Essentially, the victim only needs to plug their device into a fast charger that has the corrupted firmware for the attack to take place. Setting up the attack is said to be very quick, with the attacker only needing to connect their properly configured attack device to the charger, wait a few seconds for the firmware to be modified, and walk away. On some fast chargers, no special equipment is needed, and the attack code can be loaded on a smartphone or laptop.

Once the modified firmware is installed, the fast charger will perform a power overload on any subsequently connected device. Researchers noted that out of 35 fast chargers tested, 18 were vulnerable to their attack. The team also analyzed 34 different fast charging chips used in the latest fast charger models and found that 18 vendors shipped chips that lacked upgradable firmware leaving the vulnerability unpatchable. BadPower is a particularly nefarious attack that would likely result in the smartphone vendor being blamed for the fire if executed in the wild.

Tags:  security, Hack, badpower, fast-charging
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment