Alert to wireless charger users! A cyberattack called VoltSchemer exploits security vulnerabilities to fry your phones.
Simple and practical, wireless chargers, notably Qi2, the new standard, are equipping more and more homes. But a recent discovery darkens the picture: a security flaw called VoltSchemer opens the way to hackers. This cyberattack exploits vulnerabilities in Qi security standards to transform a simple charger into a formidable weapon, capable of overheating and irreparably damaging your device.
VoltSchemer, was this?
A technical paper signed by researchers at the University of Florida and CertiK describes VoltSchemer as an attack that exploits electromagnetic interference to manipulate charger behavior.
Wireless charging systems use electromagnetic induction to transfer energy between the charging station and the smartphone. Researchers have discovered that it is possible to manipulate the voltage supplied to the charging station to create electromagnetic interference that changes the power signal and data transmitted between the two devices.
By using a proxy device, which can be disguised as a legitimate accessory, attackers can introduce malicious voltage fluctuations that fool the smartphone and charger. For example, they can prevent the smartphone from reporting that its battery is full, leading to overcharging and overheating. They can also enable energy transfer to unsupported objects, such as USB sticks, payment cards or SSDs, and heat them to dangerous temperatures.
When VoltSchemer wants to light the fire
The VoltSchemer attack poses several security risks for smartphone and wireless charger users. First, it can cause physical damage to nearby devices and objects, potentially leading to fires, explosions, or data loss. Second, it can bypass standard Qi security mechanisms, which are supposed to ensure the compatibility and security of wireless charging systems.
Finally, it can inject inaudible voice commands into smartphone voice assistants, such as Siri or Google Assistant, and force them to perform unwanted actions, such as making a call, browsing a website or launching an application.
Researchers tested the VoltSchemer attack on nine of the world’s best-selling wireless chargers, and showed that they are all vulnerable to this type of attack. They also disclosed their results to charger suppliers and proposed possible countermeasures, such as using filters, detectors or authentication codes to reduce electromagnetic interference.
Source: Bleeping Computer, Arxiv.org
There are many Qi wireless chargers on the market, but not all of them are created equal. Pad, Stand or mobile models, we have selected ten references, it’s up to you to choose the one that suits you best.
Read more
6