Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire
Security researchers from Tencent have devised a technique, dubbed BadPower, to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire.
“Tencent Security Xuanwu Lab discovered a new type of safety problem in some fast charging (hereinafter referred to as fast charging) products and named it “BadPower”.” reads the post published by Tencent.
“Using BadPower, an attacker can hack into devices such as chargers that support fast charging technology, causing the intruded device to output an excessively high voltage when powering externally, resulting in breakdown and burning of the components of the powered device, and even further damage to the powered device. The physical environment where the equipment is located creates a safety hazard.”
Attackers can modify the firmware of a fast charger device to deliver an excessively high voltage that could cause severe damage to the connected equipment, even set devices on fire.
BadPower consists of corrupting the firmware of fast chargers.
Fast chargers can at least provide a maximum of 20V voltage and 100W power for charging devices in tens of minutes. They can even supply power to larger power devices, including laptops and desktop monitors.
Upon connecting the power supply terminal and the power receiving terminal through the charging cable, they start to negotiate the charging power, based on the device’s capabilities.
In case, a fast-charging feature is not supported, the fast charger delivers 5V by default. Experts noticed that by altering the code that controls the power supply behavior in the fast charging device, the fast charging device can input a maximum voltage of 20V to devices that can only accept 5V voltage, causing a power overload.
This technique was dubbed by the researchers BadPower, it consists of altering the default charging parameters to force the device into delivering higher voltage than cannot be handled by the device to charge.
The power overloading could damage the receiver’s components, as they heat up, or even burn.
The experts from the Xuanwu Lab tested the technique against several power receiving equipment to evaluate the potential effects of power overload caused by BadPower.
The researchers tested 35 out of 234 fast-charging devices in the market. At least 18 of them from 8 brands suffered BadPower problems. Among the 18 models, 11 models can be attacked through digital terminals that support fast charging.
Xuanwu Lab also investigated 34 fast-charging chip manufacturers and discovered that at least 18 chip manufacturers produce chips with the function of updating firmware after finished products. Attackers could exploit this function to conduct BadPower attack.
“A few power-receiving equipment with better overload protection can not be affected by BadPower power overload attack. However, in most cases, power overload will cause the relevant chips in the power receiving device to break down and burn out, causing irreversible physical damage.” continue the experts. “In rare cases, BadPower attacks may also affect the security of the physical environment around the device.”
Experts pointed out that the BadPower attack is stealth and fast, there is no way for the victims to detect it.
The researchers say the BadPower attack code can also be loaded on regular smartphones and laptops.
“Most BadPower problems can be fixed by updating the device firmware.” the researchers conclude. “Device manufacturers can take measures to repair the BadPower problems in the sold products according to the situation, for example, to help users update the firmware in the charging device through the maintenance network, or to issue security updates to mobile phones and other terminal devices that support fast charging technology through the network, and upgrade the charging The firmware in the device.”
Researchers also published a video PoC of the BadPower attack.
(SecurityAffairs – hacking, BadPower)