We are used to seeing all kinds of hacks and breaches of our privacy. In the vast majority of cases they occur due to malicious software that has broken into some of the most popular application bazaars, or due to the misuse that the user has made of their device. However, now we know one of the most curious cases in the history of this industry, and which has uncovered a hacking system that features the new fast charge of our mobiles.
Fast charging technology is developing at a frenetic pace. Since its birth it has been surrounded by controversy regarding the possible damage that this system can do to batteries in the long term, reducing their useful life. This has not prevented manufacturers from presenting technologies of 100W or 125W fast charge.
Phones that could burn
However, the Tencet Security Xuanwu laboratory, which is working in collaboration with giants like Xiaomi or Ander, have detected that a large number of fast-charging devices have security problems. As the report details, an attacker could control charging behavior by rewriting the firmware of a fast-charging device and causing it to components may burn.
According to initial estimates, there could be hundreds of millions of devices affected, virtually any terminal that is powered by USB could be a victim, according to the report. This type of attack has been dubbed “BadPower” and was has been detected by testing 35 fast charge chargers and powerbansks. Of these, 18 exhibited security concerns, involving eight different brands and nine different models of fast-charging chips.
This vulnerability allows an attacker to hack the firmware of a device with fast charge, using a special device or a compromised digital terminal such as a mobile or laptop. The attack does not violate the privacy of the user, but allows to modify the voltage of the load, to the extreme of generating excessive power that could lead to serious risk for the safety of the user and the environment.
Tencet Security Xuanwu Lab’s recommendation is update charging device and do not use quick chargers for devices that do not support this type of charging. The report also investigated the fast charging chips on the market and revealed that about 60% allow a finished product to update the firmware through the USB port.