A new case of vulnerability on mobile phones has just come to light. This new attack that comes to harm the phone to the point of burning it completely, It is mostly disturbing Android users because the damage comes from one of its accessories.
The team of Andro4all He has published about this affectation that is disturbing users due to the ruthless way in which he breaks down mobile devices. How? by means of fast charging.
This new virus has been named BadPower and has no intention of stealing data or infecting the device, this time it directly attacks the chargers with fast charge than when connecting with the phones initiates an imminent and continuous energy overload affecting the device’s battery, damaging other components from overheating, and even literally burning the device.
How does it work?
The group of researchers from Xuanwu Lab belonging to the Chinese company Tencent, he mentions in a publication that this malware is injected into fast-loading chargers, modifying the firmware of these and reconfiguring the voltage output that they must send to the devices, since the standard load is altered and increases it to the maximum output allowed by the charger.
The attack is silent and imperceptible, because as already mentioned, it does not alter any of the characteristics of the system and can damage both phones, tablets and computers.
In his report to the community, Tencent explains the two processes for carrying out the BadPower attack.
The process of a typical BadPower attack initiated by special hardware is as follows:
- The attacker used a special device disguised as a mobile phone to connect to the charger’s charging port to invade the charger’s internal firmware.
- When the user uses the hacked charger to charge other devices, the charger will perform a power overload attack on the powered device.
The process of a typical BadPower attack through an ordinary terminal is as follows:
- The attacker invades the user’s mobile phone, laptop and other terminal devices in some way, and implants malicious programs with BadPower attack capabilities in them, turning the terminal device into a BadPower attack agent.
- When the user connects the terminal device to the charger, the malicious program on the terminal device invades the internal firmware of the charger.
- When the user uses the hacked charger to charge the device again, the charger will perform a power overload attack on the powered device.
In addition, it also offers a couple of tips to prevent this new malware or any variation that may affect it in the future.
When designing and manufacturing fast charging products in the future, you should pay attention to:
- Please perform a strict legality check on the behavior of updating the firmware via the USB port, or do not provide this feature.
- Perform strict security checks on the device firmware code to avoid common software vulnerabilities.
Android users mostly affected and susceptible to attack
Most of those affected are Android phone users due to the open system that it maintains when it comes to accessories. In other words, there are more products manufactured by third parties with the possibility of accessing this market without restrictions (or without care), unlike Apple, which offers and advises the use of accessories from associated third parties, denying the possibility that “any product” is available to users of your devices.
However, although the risk is minimal, it should not be forgotten that Apple already has some devices compatible with this fast charge that could be affected.
So far 18 of the 35 tested chargers are vulnerable to this attack. The researchers They don’t yet offer a list of vulnerable chargers. because it is expected that this malware will be completely removed now that it has already been exposed.