A new case of mobile phone accident has already emerged. This is a new attack that will damage the phone to the point of burning it completely, It is very frustrating for Android users because the damage comes from one of its components.
The Andro4all team has published this disruption that is plaguing users due to the violent way it destroys mobile devices. How? using fast charging.
This new virus is named BadPower and has no intention of stealing data or infecting the device, in this case it directly attacks the chargers faster than connecting to phones initiates near and continuous power loading affecting the battery of the device, damages other items from overheating, and literally burning the phone.
How does this work?
A team of researchers from Xuanwu Lab who belongs to a Chinese company Tencent, it is mentioned in the post that this malware is installed in instant downloads, to fix the firmware of this it also releases the power that it should send to the devices, because the normal load is adjusted and amplified at the maximum output allowed by the charger.
This attack is quiet and invisible, because as mentioned, they do not change some of the system signals and can damage both phones, tablets and computers.
In a report to the public, Tencent outlines two mechanisms for carrying out BadPower attacks.
The typical BadPower attack process started with special hardware is as follows:
- The attacker used a special hidden device such as a mobile phone to connect to the dog’s charging port to attack the internal charger firmware.
- When a user uses a charger d isconnected from computers to charge other devices, the charger will perform a full power attack on a powerful device.
The process for typical BadPower attacks using a standard terminal is as follows:
- The attacker attacks the user’s mobile phone, laptop and other local devices in some way, and installs malicious programs with BadPower attack capabilities on them, converting the power storage device into a BadPower attack agent.
- When a user connects a lethal device to a charger, the malicious program on the end device attacks the internal charger firmware.
- When the user uses a molded charger to charge the device again, the charger will perform a full power attack on the powerful device.
In addition, it also offers a few tips for protecting this new malware or any variations that may affect it in the future.
When designing and making fast charging products in the future, you should pay attention to:
- Please perform a rigorous moral check by updating the firmware with a USB port, or do not provide this feature.
- Perform strict security checks on the firmware of the device to avoid common software vulnerabilities.
Android users are very vulnerable and can attack
Most of those affected are Android phone users because of open system that it retains when it comes to accessories. In other words, there are many products made by third parties with limited access to this market (or without care), unlike Apple, which offers and advises the use of third-party services, denying that “any product” is available to users of your devices.
However, while the risk is low, it should not be forgotten that Apple already has some devices compatible with this fast charge may be affected.
To date 18 of the 35 tested chargers are at risk of such an attack. Investigators They do not currently provide a list of vulnerable chargers. because it is expected that this malware will be completely removed now as it has already been revealed.