'VoltSchemer' Hack Allows Wireless Charger Takeovers

We Keep you Connected

'VoltSchemer' Hack Allows Wireless Charger Takeovers

Researchers tested their theory on nine chargers, each different and available to consumers, and found them all vulnerable to their attacks.
February 21, 2024
Researchers from the University of Florida, alongside CertiK, have come up with a theoretical attack, called "VoltSchemer" (PDF), that allows for wireless charger takeover through power supply voltage manipulation.
The attack could allow threat actors to damage charging devices, bypass Qi standard's mechanisms, and manipulate voice assistants. It would be able to do this by exploiting voltage noises from the power supply.
The Qi standard was developed by the Wireless Power Consortium and handles communication among the power adapter, wireless charger, and charging device.
Wireless chargers rely on near-field magnetic coupling for power transfer, making them more secure than wired chargers. The power signals used for power transfers, however, could be modified to control Qi communication between the charged device and the charger, allowing a threat actor to instruct the charger to perform malicious acts.
"The schemed voltage noises from the power adapter can propagate through the power cable and modulate the power signals on the charger's transmitter coil due to the effects of electromagnetic interference (EMI) on the charger," the researchers stated in the paper.
The researchers also noted that they've tested their theoretical attacks against nine different commercial wireless chargers and found them all to be vulnerable. 
Dark Reading Staff
Dark Reading
Dark Reading is a leading cybersecurity media site.
You May Also Like
Your Everywhere Security guide: Four steps to stop cyberattacks
Your Everywhere Security Guide: 4 Steps to Stop Cyberattacks
API Security: Protecting Your Application’s Attack Surface
API Security: Protecting Your Application’s Attack Surface
Securing the Software Development Life Cycle from Start to Finish
Cybersecurity’s Hottest New Technologies – Dark Reading March 21 Event
Black Hat Asia – April 16-19 – Learn More
Black Hat Spring Trainings – March 12-15 – Learn More
Industrial Networks in the Age of Digitalization
Zero-Trust Adoption Driven by Data Protection
How Enterprises Assess Their Cyber-Risk
How to Deploy Zero Trust for Remote Workforce Security
Forrester Total Economic Impact Study: Team Cymru Pure Signal Recon
Demystifying Zero Trust in OT
Strengthen Microsoft Defender with MDR
Mandiant Threat Intelligence at Penn State Health
The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023
2023 Software Supply Chain Attack Report
Cybersecurity’s Hottest New Technologies – Dark Reading March 21 Event
Black Hat Asia – April 16-19 – Learn More
Black Hat Spring Trainings – March 12-15 – Learn More
Copyright © 2024 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

source

TNC

LET US MANAGE YOUR SYSTEM
SO YOU CAN RUN YOUR BUSINESS

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE