A new case of vulnerability on cell phones has just surfaced. This new attack that damages the phone to the point of burning it completely, It mostly bothers Android users because the damage comes from one of its accessories.
The Andro4all team posted on this posting which bothers users due to the ruthless way it breaks down mobile devices. How? ‘Or’ What? thanks to fast charging.
This new virus was named BadPower and does not intend to steal any data or infect the device, this time it directly attacks chargers with fast charge only when connecting with phones triggers an imminent and continuous energy overload affecting the battery of the device, damaging other components by overheating and even literally burning the device.
How it works?
The group of researchers Xuanwu Laboratory Chinese company owned Tencent, mentions in an article that this malware is injected into fast loading chargers, firmware modification of these and reconfigure the voltage output that they should send to the devices, since the standard load is changed and increases it up to the maximum power allowed by the charger.
The attack is silent and imperceptible, because as already mentioned it does not alter any of the characteristics of the system and can damage phones, tablets and computers.
In its report to the community, Tencent explains the two processes behind the BadPower attack.
The process for a typical BadPower attack initiated by special hardware is as follows:
- The attacker used a special device disguised as a cell phone to connect to the charger’s charging port in order to invade the charger’s internal firmware.
- When the user uses the hacked charger to charge other devices, the charger will perform a power overload attack on the powered device.
The process for a typical BadPower attack through an ordinary terminal is as follows:
- The attacker somehow invades the user’s mobile phone, laptop and other terminals and implements malware with BadPower attack capabilities, turning the terminal into an agent of BadPower attack.
- When the user connects the terminal to the charger, malware on the terminal invades the internal firmware of the charger.
- When the user uses the hacked charger to charge the device, the charger will perform a power overload attack on the powered device.
Besides, it also offers some tips to avoid this new malware or any variation that might affect it in the future.
When designing and manufacturing fast charging products in the future, you should pay attention to:
- Please make strict legality check on the behavior of firmware update through USB port, or do not provide this function.
- Perform strict security checks on device firmware code to avoid common software vulnerabilities.
Android users are primarily affected and vulnerable to attacks
Most of those affected are Android phone users due to the open system that it maintains in terms of accessories. In other words, there are more products manufactured by third parties with the possibility of accessing this market without restrictions (or without care), unlike Apple, which offers and advises the use of accessories from associated third parties, denying the possibility that “any product” is available to users of your devices.
However, although the risk is minimal, we must not forget that Apple already has some devices compatible with this fast charge which could be affected.
So far, 18 of the 35 chargers tested are vulnerable to this attack. Researchers They do not yet offer a list of vulnerable chargers. as this malware is expected to be completely removed now that it has already been exposed.
Source : Techradar