Quick-charge vulnerability to explode smartphones remotely could be exploited by hackers

Last charging technology is one of the most outstanding advances in the world of mobile telephony, so multiple Chinese phone manufacturers have recently announced super-fast charging technology, cloud security course experts mention. However, there are multiple doubts about the safety of this technology, mainly as to the impact on the battery and the device.

On July 16, Tencent Security Xuanwu Lab published a report stating the existence of a large number of fast-loading devices exposed to security incidents. According to the report, threat actors could control the process of loading a vulnerable device, rewriting a device’s firmware and causing smartphone components to burn or generate electric overloads.

Cloud security course specialists believe that at least a few hundred million devices worldwide could be exposed to these attacks, plus the problem is not limited to smartphones, as any device with USB charging support could be compromised.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es quickcharge.jpg

Researchers believe the flaw, dubbed “BadPower”, may be the first global-range remote attack method.

During the research 35 of the most popular fast chargers on the market were tested, discovering that 18 of these devices have serious security issues. The faults are found in eight manufacturers and nine different models of fast-loading chips, mentioned by cloud security course specialists.

Regarding the vulnerability, its successful exploitation would allow to hack the firmware of a fast-charging device through a special compromised terminal that is capable of delivering excessive load power to the receiving device. This attack can cause device malfunctions and even cause a fire. In addition, the attack could be deployed by physical or remote methods, which makes this vulnerability even more dangerous.

Fortunately, most devices exposed to the BadPower failure can receive firmware updates that prevent the attack. Users should remember not to use pirated devices to prevent such incidents.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.