Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday July 20 2020, @06:49PM   Printer-friendly
from the Phones-do-not-come-with-a-fuse? dept.

Another cyber warning has been issued about the risk from compromised chargers—but this time data theft is not the issue...

Hackers Can Now Trick Usb Chargers To Destroy Your Devices—This Is How It Works:

Not all cyber attacks focus on data theft. Sometimes the intent is "to achieve destruction of the physical world through digital means," Chinese tech giant Tencent warns. The company's researchers have just disclosed a serious new vulnerability in many of the mass-market fast chargers now used around the world.

[...] Tencent’s researchers have now proven that a compromised charger can override this negotiation, pushing more power down the cable than the device can safely handle, likely destroying the device and potentially even setting it on fire.

Because the fast charger is essentially a smart device in its own right, it is open to a malicious compromise. An attack is very simple. With malware loaded onto a smartphone, an attacker connects to the charger, overwriting its firmware and essentially arming it as a weapon for whatever plugs in to it next.

The interesting twist here is that the malware might even be on the target device. An attacker pushes that malicious code to your phone. The first time you connect to a vulnerable fast charger, the phone overwrites its firmware. The next time you connect to that same charger to [recharge] your device, your phone will be overloaded.

Tencent has produced a demo video, showing how a charger can be compromised and then used to overload a device.

Tencent have dubbed this issue "BadPower," and warn that "all products with BadPower problems can be attacked by special hardware, and a considerable number of them can also be attacked by ordinary terminals such as mobile phones, tablets, and laptops that support the fast charging protocol."

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by sjames on Wednesday July 22 2020, @03:09AM (3 children)

    by sjames (2882) on Wednesday July 22 2020, @03:09AM (#1024850) Journal

    But is it WELL regulated?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by JoeMerchant on Wednesday July 22 2020, @11:22AM (2 children)

    by JoeMerchant (3937) on Wednesday July 22 2020, @11:22AM (#1024904)

    is it WELL regulated?

    According to Bezos and the other billionaires, yes, very well thank you, couldn't be better in fact.

    --
    🌻🌻 [google.com]
    • (Score: 2) by sjames on Thursday July 23 2020, @10:07AM (1 child)

      by sjames (2882) on Thursday July 23 2020, @10:07AM (#1025352) Journal

      News flash: Fox declares Henhouse security sufficient!

      • (Score: 2) by JoeMerchant on Thursday July 23 2020, @01:29PM

        by JoeMerchant (3937) on Thursday July 23 2020, @01:29PM (#1025382)

        Never really highlighted in the news: the Henhouses have been 100% Fox run operations since forever. The Foxes feel that they are entitled to anything and everything produced in the Henhouses, because their ancestors paid Hens to build them, gathered all the Hens out of the countryside and crammed them into the houses, paid Hens to develop the technology to cram ever more Hens into the houses. If it wasn't for Fox money, those Hens would be free range, unproductive. Of course the Foxes deserve to make all the decisions - which is why the COVID bailout went mostly directly to the Foxes, and the choice in the coming election is between Fox1 and Fox2.

        --
        🌻🌻 [google.com]