| Hackers Can Now Trick USB Chargers To Destroy Your Devices |
| splin:
https://www.forbes.com/sites/zakdoffman/2020/07/20/hackers-can-now-trick-usb-chargers-to-destroy-your-devicesthis-is-how-it-works/#4f7548bd5bf2

--- Quote ---
The interesting twist here is that the malware might even be on the target device. An attacker pushes that malicious code to your phone. The first time you connect to a vulnerable fast charger, the phone overwrites its firmware. The next time you connect to that same charger to repower your device, your phone will be overloaded. Tencent has produced a demo video, showing how a charger can be compromised and then used to overload a device. Tencent have dubbed this issue “BadPower,” and warn that “all products with BadPower problems can be attacked by special hardware, and a considerable number of them can also be attacked by ordinary terminals such as mobile phones, tablets, and laptops that support the fast charging protocol.”
--- End quote ---

--- Quote ---
The researchers identified 234 fast chargers on the market, and tested 35 of them. Of those, they found “at least 18 had BadPower problems and involved eight brands.” Of those 18 charging devices, 11 were vulnerable to a simple attack through a device that also supports the fast charging protocol, such as a mobile phone.
--- End quote ---

Just like coronavirus this was clearly "totally unprecedented" and thus you can't blame anyone for not foreseeing the possibility during the USB fast charge specification design process (in the same way governments couldn't have been expected to have made any worthwhile preparations for the possibility of a pandemic). :palm:

It will be interesting to see how the USB consortium react to this. One way is to have an approval system for fast chargers requiring the use of fully certified ICs with exclusive control of the USB charge process which cannot be overridden by an external controller - rather like the implementation of HDMI preventing access to the unencrypted datastream. Conformant products would then be allowed to sport the new 'GoodPower' logo. :-DD

It will be interesting to see if any high profile manufacturers/brands prove to be vulnerable. Unfortunately I guess there won't be any easy way to identify vulnerable chargers. Probably best to avoid fast chargers altogether unless you know your device is robust.

Hopefully this may be just another in a long list of vulnerabilities that in reality is a low probability risk.

[EDIT] Now there needs to be an urgent investigation to find out which devices are vulnerable and need to put them into 'shielded protection measures' to ensure proper social isolation from 'BadPower' chargers. Daily prime time news announcements/government presentations will be needed to publicise the ever present danger. |
| davep238:
Are you trying to say that if I have a phone that needs 500mA to charge and it's connected to a 2 A charger, that the charger will somehow "force" 2A into the phone? Unless the charger raises its output voltage, how does the charger "force" more current into the device? :wtf: |
| Mr Evil:
--- Quote from: splin on July 21, 2020, 03:15:50 pm ---
Just like coronavirus this was clearly "totally unprecedented" and thus you can't blame anyone for not foreseeing the possibility during the USB fast charge specification design process (in the same way governments couldn't have been expected to have made any worthwhile preparations for the possibility of a pandemic). :palm:
--- End quote ---

This sounds like it's the fault of the manufacturers, not the spec. Or does the spec demand that chargers have upgradeable firmware, and accept unsigned images? |
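The question above about unsigned images comes down to a check the charger would have to make before rewriting its own firmware. The following is an added example, not code from the thread, from Tencent or from any charger vendor: an update gate that rejects unsigned, altered and rolled-back images. The image layout, function names and key are constructed for illustration, and a Lamport one-time signature over SHA-256 stands in for a production signature scheme so that the block runs on the Python standard library alone.

```python
import hashlib
import hmac

HEADER_LEN = 4  # constructed layout: 4-byte big-endian version, then the code

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(image: bytes) -> list:
    d = H(image)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen(seed: bytes):
    """Vendor side: 256 secret pairs; the public key is the hash of each secret."""
    sk = [[H(seed + bytes([bit]) + i.to_bytes(2, "big")) for bit in (0, 1)]
          for i in range(256)]
    pk = [[H(secret) for secret in pair] for pair in sk]
    return sk, pk

def sign(sk, image: bytes) -> list:
    """Vendor side: reveal one secret per digest bit (a key signs one image only)."""
    return [sk[i][bit] for i, bit in enumerate(digest_bits(image))]

def verify(pk, image: bytes, sig) -> bool:
    if not isinstance(sig, list) or len(sig) != 256:
        return False
    ok = True
    for i, bit in enumerate(digest_bits(image)):
        ok &= isinstance(sig[i], bytes) and hmac.compare_digest(H(sig[i]), pk[i][bit])
    return ok

def accept_update(pk, running_version: int, image: bytes, sig) -> str:
    """Charger side: may an image received over the charging port be flashed?"""
    if len(image) <= HEADER_LEN:
        return "reject: malformed image"
    if not verify(pk, image, sig):  # the version header is covered by the signature
        return "reject: bad or missing signature"
    if int.from_bytes(image[:HEADER_LEN], "big") <= running_version:
        return "reject: rollback"
    return "accept"

# Constructed sample data, not taken from any real charger.
SK, PK = keygen(b"constructed-vendor-seed")
GOOD = (7).to_bytes(4, "big") + b"constructed vendor image"
GOOD_SIG = sign(SK, GOOD)
ALTERED = (8).to_bytes(4, "big") + b"constructed modified image"
```

Only the public key needs to live in the charger; the secret half stays with the vendor, so a device on the other end of the cable cannot produce a signature the gate accepts.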
| edy:
To mitigate the problem for now at least... don't use a fast charger. Use a "dumb" charger that simply outputs 5V and can't change its output voltage. But who couldn't see this coming? Why expose firmware to be capable of being reprogrammed? Why wasn't this "negotiation" set up in a secure way, so that malicious software couldn't access this low-level hardware function? |
| MrMobodies:
I thought the firmware could signal back to the charger to simply change the voltage but I never thought of firmware reprogrammable USB chargers. I wonder whether the battery controllers on these phones and tablets can also be compromised to overcharge the batteries. So even most phones I have seen now are so locked down and unrooted to the user criminals have more rights to it however malware it gets on there maybe through some "app".

It looks like it can also start from the charging stations at a controller level and not malware installed on the phone itself:
https://www.forbes.com/sites/zakdoffman/2019/11/15/dont-let-public-usb-charging-stations-ruin-your-holiday-travels-officials-warn/#7b704718410c

--- Quote ---
The latest official advice on this longstanding debate comes from the Los Angeles County District Attorney’s Office, which has cautioned that “criminals load malware onto charging stations or cables they leave plugged in.” The “dangerous” malware, the officials say, “may infect the phones and other electronic devices of unsuspecting users.”
--- End quote --- |