Categories: NewsTech

BadPower: This fast-charging hack can set your smartphone on fire

We’ve all heard the myth that smartphones can spontaneously catch on fire, which is why many choose not to charge their smartphones by their bedsides at night. Regardless of whether that is true or not (it’s not, to my knowledge), a new hack has been discovered that could bring those terrifying nightmares to life. According to a new report from Tencent-owned Xuanwu Labs, the BadPower hack tricks fast charging power bricks into setting a connected smartphone on fire.

It must be noted that only fast charge power adapters are seemingly affected by the hack—which is still worrying, given the increasing amount of fast chargers in the market today. The report doesn’t specifically point towards any particular brands or phones, although 35 power bricks from various manufacturers were tested.

Wait, so how does BadPower work?

The BadPower hack works by corrupting the charging adapter’s firmware, which is then tricked into pushing too much electricity that might be over the phone’s rated maximum input. This then leads to a buildup in heat, which then leads to melted components—and yes, phones literally catching on fire.

While there are a variety of fast charging protocols from various manufacturers nowadays, the basic principle is the same. The power brick and accompanying smartphone, when connected, perform a “handshake” of sorts to determine the speeds that the smartphone can handle. This is the very reason why it is still considered safe to connect a smartphone that can only handle regular charging speeds like 10W to a power adapter that can theoretically charge at up to 30W.

SOURCE

However, when the firmware is hacked, the power brick can be manipulated into damaging phones that are connected. Unlike many security vulnerabilities today, BadPower doesn’t actually compromise your privacy—but phones catching on fire are certainly equally dangerous.

So, how do you avoid the BadPower hack?

Fortunately, it appears that a BadPower attack can only be initiated in person. This means that a special device—usually disguised as a smartphone—must be connected to the charger to initiate the corrupted firmware. Additionally, attackers can also connect an infected smartphone of their own to a power adapter, which then corrupts its firmware.

According to the report, there are 234 fast charging devices in the market today, although only 35 were tested during the study. More than half of these chargers were found to be vulnerable to BadPower, with 18 models from 8 different tech brands at risk.

The fix to the issue? It’s pretty simple: upgrade the firmware of your power brick. However, not every charging adapter supports firmware updates—which means that those adapters are as good as gone, basically.

To protect power adapters in the future, researchers are also advising manufacturers to ad technical requirements for safety verification for firmware updates. Other safeguards such as an overvoltage protection circuit are advised, along with chip fuses for non-fast charging.

To read the full report (in Chinese), click here.

[ SOURCE ]

Recent Posts

Honor X9c 5G Malaysia: More durable than ever before, priced from RM1,499

Honor has officially launched the Honor X9c 5G here in Malaysia. Despite featuring similar internals…

12 mins ago

Xiaomi’s first clamshell foldable smartphone redefines style in a compact yet powerful form

This post is brought to you by Xiaomi. Combining cutting-edge technology with a sleek, foldable…

2 hours ago

GXBank to rollout GX FlexiCredit this month, GX Biz Banking for MSME coming soon

During its GX 2.0 event, GXBank revealed its new digital financial products aimed at helping…

2 hours ago

GX 2.0: GXBank continues to offer unlimited cashback with some tweaks

GXBank turns one and they have revealed its latest features and initiatives for its next…

4 hours ago

MG ZS EV now available for RM99,999: The cheapest electric SUV in Malaysia

You can now get an MG ZS EV for as low as RM99,999, making it…

4 hours ago

Prime Minister’s Department: Over 1,500 cyberattacks launched at ministries’ infrastructure systems

There have been over 1,500 cases of cyberattacks launched against Malaysian ministries' infrastructure systems in…

9 hours ago

This website uses cookies.