Loophole in Qi chargers can be used to “fry” smartphones, research shows

One new study [PDF] published by researchers at the University of Florida and shared by Kaspersky shows how wireless chargers can be used by malicious actors to attack smartphones or even cause damage to other objects.

These attacks occur through electromagnetic interference and can be carried out using most devices of this type currently sold.

Denominated VoltSchemer, the attack takes advantage of the unencrypted nature of wireless chargers. As they do not require any type of prior pairing with smartphones, all communication commands with the devices are transmitted by plain text — which allows any device to be recharged immediately when placed on a base.

With this, intermediaries can find ways to manipulate the magnetic field in order to emulate the signals of the Qi pattern. In the study in question, researchers built a malicious power adapter capable of intercepting the electromagnetic commands that carry out communication between the device and the charger by injecting specific noises into the electrical current.

Among the most surprising attacks they were able to demonstrate is the ability to control voice assistants (such as Siri) through specific electrical vibrations, which can be understood by the smartphone as a sound. Current devices even have protection once morest magnetic fields, but their location does not cover the microphone, leaving them susceptible to manipulation.

The researchers were also able to use VoltSchemer to block the commands that cause the accessory to interrupt the recharging process when the smartphone reaches maximum charge or reaches a very high temperature. This resulted in problems with overheating, which in turn resulted in the closing of applications or even the complete shutdown of devices.

The attack can also cause the charger to be activated when in contact with other objects (currently, communication with the smartphone is necessary for it to start recharging) — which is enough to “fry” several metal items (such as a pendrive or a key). According to researchers, this attack might result in something even more damaging, such as a fire.

Among the solutions proposed by the researchers are the implementation of components that eliminate noise in the voltage that powers the charger or real-time monitoring of its operation (things that can greatly increase the cost of production). Users, in turn, should avoid placing chargers wireless in unknown sockets.

via TudoCelular.com