Fast chargers may be fast, but they can also be flammable. Researchers at Chinese tech giant Tencent have found a way to alter the firmware inside fast chargers causing connected devices to overheat and break – or even light on fire in some cases. The technique, appropriately dubbed BadPower, works by telling a fast charger to send more voltage to a device than it's been designed to handle. Incendiary hijinks tend to ensue.
Fast chargers are a relatively recent development, pioneered by the likes of OnePlus, that are supposed to alleviate battery anxiety by making devices like smartphones charge a lot faster. Some fast chargers in the 15W range now promise an 80 percent charge from zero in around half an hour. Not all smartphones support fast charging yet, though, because doing so requires special thermal dissipation to prevent overheating at high voltages, and software to regulate the flow of power so the battery doesn't overload and rupture. Remember the Samsung Galaxy Note 7? That's what happens when you don't regulate battery tech properly.
When everything is software, everything is hackable – Fast chargers can modulate how much power they deliver based on what the device supports, and this is what BadPower exploits. It basically tells software inside the fast charger to ignore any communication from the device regarding what charging speed it supports. So, for instance, the software in a device might tell the charger to send 10V of power but the charger instead sends 20V, which could damage the device.
The researchers at Tencent were able to test the exploit and prove that it causes some devices to catch on fire. They say the BadPower exploit can be installed on any fast charger simply by connecting an infected device to the charger, after which the attack code will alter the firmware of the charger. Great. Now our chargers need antivirus software.
Don't lend out your charger – Fortunately, this type of problem can be fixed by updating the firmware of chargers to block unauthorized modifications, though that would be difficult to do for chargers already out in the wild. Device manufacturers can also take steps to strengthen the battery management in their devices so they don't overcharge. A good tip for users is to avoid public USB ports in general and use your own chargers whenever possible.
BadPower is just the latest horror in a year full of hacks wreaking havoc on the world. We've also seen Twitter crippled for hours by kids trying to earn some bitcoin, accounts on the game Roblox hacked to push pro-Trump messages (to kids), and Russian hackers trying to break into healthcare companies to steal their coronavirus vaccine research (nothing to do with kids, thankfully).