A new security flaw has been discovered in a fast charger that can burn your smartphone to ashes. As per a report, the new technique is known as BadPower attack and it reveals that the firmware of fast chargers can damage a smartphone.
As per a report published by Xuanwu Lab, a research unit of Tencent, BadPower attack can damage connected devices, melt its components and even set it on fire.
How does BadPower attack work?
In order to understand the working of BadAttack technique, let’s first understand the Fast charging mechanism. The fast chargers come with firmware that communicates with the device and decides to deliver the fast charging solution. If a device does not support fast charging, the firmware will deliver the standard 5V output. However, if a device is compatible with fast charging then the charger provides 12V, 20V or even faster-charging speeds to charge the device in a few minutes.
The BadPower Attack uses this firmware to burn your smartphone. The technique corrupts the firmware and it alters the charging parameters and pushes a higher voltage than the amount set by the manufacturer. This degrades the components and it leads to unexpected heating, melt or even burn.
The report reveals that out of 25 selected fast chargers from 234 models available in the market, 18 models from 8 different companies were found with this vulnerability. The report highlights that the issue can be fixed with a firmware update, though most of the manufacturers do not install the chips that have an option to receive firmware updates. This simply means that there is no way through which this vulnerability can be fixed.
How BadPower Attack is dangerous!
The BadPower attack vulnerability is quite dangerous as the attacker can simply connect an attacking rig to the fast charger and the firmware will get corrupted quite easily. Furthermore, attackers can simply load the attack code to modify the firmware on the target smartphone or even a laptop. So, whenever the victim connects the device to the fast charger, the device will simply explode.