Security News > 2024 > February > VoltSchemer attacks use wireless chargers to inject voice commands, fry phones
A team of academic researchers show that a new set of attacks called 'VoltSchemer' can inject voice commands to manipulate a smartphone's voice assistant through the magnetic field emitted by an off-the-shelf wireless charger.
To demonstrate the attack, the researchers carried out tests on nine top-selling wireless chargers available worldwide, highlighting gaps in the security of these products.
In essence, VoltSchemer takes advantage of security flaws in the hardware design of wireless charging systems and the protocols governing their communication.
This opens up the way to at least three potential attack vectors for the VoltSchemer attacks, including overheating/overcharging, bypassing Qi safety standards, and injecting voice commands on the charging smartphone.
The researchers have demonstrated that it is possible to inject a series of voice commands through noise signals transmitted over the charging station's range, achieving call initiation, browsing a website, or launching an app.
While delivering higher voltage to mobile device on the charging pad or nearby items using a wireless charger is a feasible scenario, manipulating phone assistants using VoltSchemer does set a higher barrier in terms of the attacker's skills and motivation.