Chinese security researchers have found that changing software of fast chargers can cause serious damage that can lead to the melting of critical components and even set them on fire. The break-in earned the nickname "BadPower" and was unveiled during the week by the Xcentwu Lab group of the Chinese company Tencent. According to the researchers, 35 fast cargoes were examined from a list of 234 models, and it was found that 18 models from 8 manufacturers are vulnerable to the loophole. The attack takes place without the user knowing, and it takes effect within seconds from the moment the user connects the smartphone to the charger.

Fast charging is done by supporting the charger itself and the smartphone. The charging power is determined by the capabilities of the smartphone and charger, using a chip inside the battery, and another chip inside the charger. This is also the reason why it is important to replace only original batteries, and purchase original chargers from a reliable source. The security breach allows the software to be changed in the charger while the smartphone is charging. This way the attackers manage to bypass the chip's limitations of the charge, causing it to provide higher voltage than it is capable of providing, thus burning the chip and in extreme cases even burning the entire charge until it catches fire.

And there is also good news: the investigators reported that the breach was exposed by them as early as March 27 and have since worked with the various cargo manufacturers to release a software update that resolves the severe breach, and does not appear to require hardware repair at this stage. However, they said that it is also essential to make software updates for chargers in order to harden the load of voltage when charging. Regardless of the current loophole, it is recommended to purchase an original charger and take safety precautions when charging the smartphone, including removing the charger from the head while sleeping.

 source: International news agencies

Post a Comment

Previous Post Next Post