Security researchers spend a lot of time poking and prodding the software on the myriad smart devices that dominate our lives, but what about the plugs that recharge them? Modern fast chargers are essentially tiny computers, and a team of Chinese researchers has now shown it’s relatively simple to target the charger with an attack called BadPower. It can make your device overheat, smoke, and possibly even catch fire.
Until the last few years, the cables we used to keep our phones, tablets, and other devices running would deliver just a couple watts of power no matter what you plugged in. So, if you forgot to charge your phone overnight, it was impossible to get a full charge before it was time to head out the door. Modern fast charging systems can ramp up the voltage and current to get more power into your battery in a shorter amount of time, getting you hours of battery life in just a few minutes of charging. The chargers need their own tiny electronic brain to make that happen, and this is the target for BadPower.
The researchers from Tencent’s Xuanwu Lab showed that a smartphone could transmit BadPower to chargers, where it can modify the embedded firmware. Just plugging in a device with BadPower can scramble a fast charging plug and turn it into a phone-killing fire hazard.
BadPower interferes with the output to deliver more power than the connected device can accept, which can be extremely high for the latest chargers. For example, 100W USB-PD chargers are becoming increasingly common, and Oppo recently announced a 125W system. The firmware in these chargers is supposed to negotiate the correct combination of voltage and current to charge a connected device at maximum speed, which can be as high as 20V and 5A for power delivery. Plenty of new smartphones can only handle 15 or 18W, so you can imagine what 100W of power will do to the internals.
Xuanwu Lab tested 35 fast chargers of the 234 models available in China. The team found that 18 models from eight different vendors were vulnerable to BadPower. Security flaws are fixable on most smart devices, but chargers are barely smart, and many of them don’t have upgradeable firmware at all. Xuanwu Lab says that it tested 34 fast charging controllers and found that 18 of them lacked any firmware update mechanism.
The researchers recommend that vendors develop patches that can be deployed to upgradable plugs and included on future models. It also suggests manufacturers harden fast charger firmware to guard against attacks like this. Tencent says it notified all affected vendors, but some of these chargers are unfixable.
- Apple Might Not Include Charger, Earbuds With Next iPhone
- If You Can’t Beat ‘Em: Thunderbolt 3 to Be Rebranded as USB4, Coming 2021
- Malicious USB Cables Embed Wi-Fi, Can Remotely Control Connected PC