Fast Charging is a popular feature with most of the smartphones that let users charge their batteries faster than normal. The Fast Charging works by increasing the voltage and thus charges batteries faster than normal.
Fast Charging technology has emerged in recent years, a large number of chargers, charging treasures, car chargers, and other products supporting fast charging technology.
The fast charger is completed by one end with power supply and another end of the charging cable is the power receiving end.
When both ends power supply terminal and the power receiving terminal is connected with the device, then negotiation will occur, and then power supported by both parties will get supplied.
These processes are handled by firmware that stored in the fast charge management chip at the power supply terminal and the power receiver terminal.
The fast charger protocols include power transmission and data transmission functions, some devices have built-in read and write functions but they are lacking security checks.
By taking this as an advantage attackers can change the code that controls the power supply behavior in the fast charging device, they can change the default 5V power supply to 20V.
Chinese security researchers from Xuanwu Lab tested 35 of the fast charges, at least 18 of them had BadPower problems.
Two possible attack scenarios;
To note the BadPower Attack doesn’t result in data leakage, but it destroys the user’s digital device. The demand for fast charging products, like the PD fast chargers you see on ugreen.com is growing, so there is a chance for a number of users to get affected.
By issuing an update the device manufacturers can take measures to repair BadPower problems, normal users can avoid this attack by not giving your own chargers, power banks, etc. to others.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Also Read
USB 4 Released – Now You can Transfer Data with 40 Gbps Maximum Speed & 100 watts Charging
USB-IF Launches USB Type-C Authentication Program To Protect Against From Malicious Devices
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…