Traditionally, we heard that overnight charging or speaking on mobile while charging leads to mobile phones exploding, but today in this article we are going to see a different scenario called Bad Power Attack.
Recently our security Engineers identified a new form of vulnerability with fast charging devices like Mobile Phones, tablets and laptops. By hacking fast charging power management IC, hackers can easily explode or fire above mentioned gadgets.
Smartphone Charging operation procedure:
Before we enter into a bad power attack we want to know how smart phone charging happens.
In the smartphone charging port we have four terminals. They are +ve voltage, -ve voltage (ground), +ve data and, -ve data (ground) Where voltage terminals will help to charge your battery and data terminal will communicate between Power management IC and charging port regarding battery status.
Once the battery reaches its 100 % storage capacity Power management IC will send a message to the charging port that battery storage is full so it stops the power flow to the battery.
What is a bad Power attack?
Hackers can program malicious codes to power management firmware IC that can damage smartphones by overloading with an unusual amount of voltage resulting in internal components burning or complete smart phone explosions.
For example your smartphone has a fast charging circuit designed with a capacity of 9V/ 3A. Cybercriminals hacked your smartphone and programmed the malicious codes with a high voltage of 12V/ 3A to Power management IC than its designed capacity. The adapter will automatically overload the power resulting in damaging the smartphone.
Suggestion to Smartphone Manufacturers:
The cyber security engineers tested 35 fast charging adapters and discovered that 18 models from eight companies were vulnerable to bad power attack while most bad power vulnerabilities can be patched by updating the firmware.
Also they recommended the manufacturing companies to add additional fuses, overload protection to devices that can support lower voltage fast charging to prevent bad power attack.
Advice to a smartphone Users:
Don’t Root or Jailbreak smartphone. Avoid using free or open Wi-Fi networks. Avoid Public USB charging ports. Never open unknown, spam and phishing emails. Use built in device protection. Use an antivirus app. Manage app permission.