XPorter: A Study of the Multi-Port Charger Security on Privacy Leakage and Voice Injection

Published: 01 Jan 2023, Last Modified: 28 Sept 2024, MobiCom 2023, CC BY-SA 4.0
Abstract: Multi-port chargers, capable of simultaneously charging multiple mobile devices such as smartphones, have gained immense popularity and sold millions of units in recent years. However, this charging-targeted feature can also pose security and privacy risks: because the devices being charged are actually interconnected, a charger that is not properly designed and implemented can allow one of them to communicate with another. Unfortunately, such risks have not been thoroughly investigated, and we have identified a novel attack surface in the circuit design of multi-port chargers, which allows an adversary to exploit one port to (i) eavesdrop on the activities of other devices being charged and (ii) inaudibly inject malicious audio commands if the charging device supports voice assistants and a USB-C interface. In this paper, we design and implement a novel framework, XPorter, to analyze and demonstrate the uncovered security and privacy threats in multi-port chargers. Specifically, it leverages the changes in the voltage signals on one neighbor port to monitor the voltage changes of the charging port induced by various user activities, including recognizing the running apps and uncovering keystrokes. Moreover, XPorter can also achieve inaudible audio injection attacks from the neighbor port to the charging mobile device via the USB-C interface. We extensively evaluate the effectiveness of XPorter using five commodity multi-port chargers and five mobile devices. The evaluation results show its high effectiveness in recognizing the launching of 20 mobile apps (88.7%) and uncovering unlocking passcodes (98.8%). Furthermore, XPorter achieves 100% success rates in inaudible audio injection attacks on three voice assistants. In addition, our study also shows that XPorter is resilient to various impact factors and presents the potential of attacking multiple victims.