Unexpectedly, the power bank and charger are not safe.
On July 16, Tencent Security Black Tortoise Lab released a report titled "
The attacker uses special equipment or the hacked digital terminal to rewrite the firmware of the fast charging device, thus controlling the charging behavior so that it provides excessive power to the charged device, which leads to the breakdown and burning of the components of the charged device, and may further bring security risks to the physical environment in which the charged device is located. Tencent Black Tortoise Security Lab has named such security issues
Major security issues caused by attacking the physical world from the digital world
The report points out that there are security problems in the current large number of fast charging terminal devices on the market, and the attacker can control the charging behavior by rewriting the firmware of the fast charging device, resulting in the burning of the components of the charging device, or even more serious consequences. conservative estimate,
Unlike other attacks,Badpower may be the first security issue in the world that can attack the physical world from the digital world with such a wide range of influence.
According to reports,Tencent Xuanwu security laboratory has tested 35 chargers and power banks that support fast charging technology on the market, and found that 18 of them have security problems.
Principle, according to Tencent security Black Tortoise lab director, the international top white hat hacker Yu said, is actually using the charger, portable battery in the smart chip attack.
Specifically, the fast charging operation is completed by the power supply end, the charging cable and the receiving end. The power supply end and the receiving end will communicate through the charging cable for power negotiation. The power supply terminal supplies power to the receiving end according to the voltage and current supported by both sides through negotiation. There is a set of program running in the power supply end and the receiving end of fast charging to complete the power negotiation and control the charging process. This program is usually stored in the firmware of the fast charging management chip at the power supply end and the receiving end.
Malicious attackers can use special devices (physical attacks) or intruded digital terminals to rewrite the firmware of fast charging devices to control charging behavior. Some loopholes in the implementation of fast charging protocol may also be exploited. For example, high voltage supported by fast charging technology is also provided for the receiving equipment which does not support fast charging technology, or a higher voltage is actually provided after negotiating a lower voltage, which leads to power overload of the receiving equipment.
Attack methods include physical contact and non physical contact, and a considerable number of attacks can be completed by remote means.
Specifically, there are two types:
One is to connect a special attack device directly to a charging adapter.
One is that the intelligent terminal can be controlled by traditional network intrusion means.
At the same time, among the 18 devices with bad power problem found in basaltic laboratory, 11 devices can carry out non physical contact attacks through digital terminals.
The 18 devices with bad power problems involve 8 brands and 9 different models of fast charging chips.
Basaltic laboratory said:
There is no difference in security between different fast charging protocols. The risk mainly depends on whether the firmware can be rewritten through USB port, and whether the firmware rewriting operation has been verified safely. Xuanwu laboratory also investigated the fast charging chips on the market, and found that at least 60% of them have the function of updating firmware through USB port after finished products. When using these chips to make products, we need to fully consider the security in the design and implementation, otherwise it may lead to bad power problems.
Is it serious?
So how terrible is this physical attack.
According to a video provided by Tencent security basaltic laboratory, you can see that the chip inside the device is burned.
Moreover, Tencent also emphasizes that the consequences are different for different attack objects and attack scenarios. Specific and overload voltage, current, as well as the circuit layout of the receiving equipment, components selection, and even the shell material, internal structure and so on. In most cases, the power overload will lead to the breakdown and burning of related chips in the receiving equipment, which will cause irreversible physical damage. Because of the power overload, the damage to the chip can not be controlled and predicted. Therefore, the chip may lead to other secondary consequences after being destroyed.
Therefore, do not charge your shoes to play with your mobile phone~
How to address the badpower threat?
At present, most badpower problems can be fixed by updating the device firmware. According to the situation, equipment manufacturers can help users update firmware and repair badpower problems in sold products by different measures
1. Help users update the firmware of charging equipment through maintenance network;
2. Send security updates to mobile phones and other terminal devices supporting fast charging technology through the network, and upgrade the firmware of charging devices.
In the future, we can refer to the following suggestions when designing and manufacturing fast charging products:
1. Close the firmware update function of fast charging products through USB port, or strictly verify the legality of firmware;
2. The device firmware code is strictly checked to prevent common software vulnerabilities.
Ordinary users can also take measures to mitigate the threat of badpower. For example, do not easily put their own charger, charger, etc. to others to use. At the same time, it is recommended not to use the cable from type-C to other USB interfaces to let the fast charging equipment supply power to the power receiving equipment that does not support fast charging. Because the overload protection of the equipment supporting the fast charging technology is usually better than that of the receiving equipment which does not support the fast charging technology. In case of power overload, equipment with better overload protection may lead to lighter consequences or even be unaffected.
It is worth mentioning that Tencent Security Black Tortoise Laboratory will be on March 27 this yea
TK, head of Tencent security basaltic laboratory, also said:
Badpower reminds us once again that with the development of information technology, the boundary between the digital world and the physical world is becoming increasingly blurred. Previously, we knew that the security of industrial control system and Internet of vehicles system may affect the physical world, but these seem to be far away from most people. Badpower makes us realize that even this humble little thing in every family can break the boundary between the digital world and the physical world.
In order to achieve the interconnection of all things, we need to consider the security of all things. BadPower is the problem of the introduction of the design process, we have been calling for the safety front all these years, from the production stage to the design stage, Xuanwu Laboratory has been actively studying the safety problems introduced in the design process. The number of such problems is small, but once it happens, it will affect the whole industry.
>> of Preferential Commodity InformationReady to eat chicken breast 100gx7 coupon after 19.9 yuan RMB 75 after two-way fast charging 18W 2W Ma coupon for green mobile power supply The price of charged sonic electric toothbrush coupon is 7.9 yuan Xinhua original<中华上下五千年>$49> full set of 6 coupons中华上下五千年> Yinong mailisu barrel packed with 520g sandwiched dark chocolate chocolate chocolate chocolate chocolate