Mac Laptop Batteries Could Run Malware

The batteries used in many Mac laptop computers are vulnerable to attack, meaning they could potentially be made to explode or run malicious code, according to security researcher Charlie Miller, who will present his findings at the Black Hat security conference next week.

Miller’s research takes as its starting point the fact that laptop batteries now include advanced microcontrollers that interface with the computer’s operating system and control the battery’s ability to charge.

Mac laptops vulnerable

Miller, who is principal research consultant at Accuvant Labs, focused on an embedded controller used in lithium ion and lithium polymer batteries and used in a large number of MacBook, MacBook Pro and MacBook Air laptops.

He found that these controllers ship with a default password, which he discovered by analysing a 2009 Mac OS X security update that fixed battery issues.

Using that password, Miller was able to reverse engineer the firmware and the firmware flashing process for the controller in question. He found he could take complete control of the controller by modifying its firmware.

“I present a simple API that can be used to read values from the smart battery as well as reprogram the firmware,” he said in an abstract of the upcoming presentation. “Being able to control the working smart battery and smart battery host may be enough to cause safety issues, such as overcharging or fire.”

Miller told Forbes he will also present a fix for the issue in the form of a program called Caulkgun that changes the battery password to a random string. However, this also prevents Apple from using the default password to correct problems with the battery firmware, Miller noted.

Fire risk

The hack could allow an attacker to install malware on a battery that would continue to re-infect a system until the battery was removed, Miller said. This would require a separate hack into the interface between the OS and the battery, but such a hack would probably not be difficult, since Apple probably hasn’t guarded against such an attack vector, he told Forbes.

Another possibility could be to cause the battery to overheat or catch fire, although Miller acknowledged he hadn’t tested that particuar theory.

Miller said he has informed Apple of the issue. Apple didn’t respond to a request for comment as of the present writing.

The Black Hat conference runs from 30 July to 2 August in Las Vegas.

Last month HP began recalling 162,000 lithium-ion laptop batteries after a number of people reported incidents of injuries and burns affecting batteries that hadn’t been included in an earlier recall.

In May 2010 HP announced a recall programme affecting about 54,000 batteries, which itself followed on from a May 2009 recall affecting about 70,000 batteries, according to the US Consumer Product Safety Commission (CPSC).

Since the May 2010 recall, however, HP said it had received 40 reports of batteries that overheated and ruptured, resulting in seven burn injuries, one smoke inhalation injury and 36 instance of property damage, according to the CPSC.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Amazon Workers Go On Strike Across US

Amazon staff in seven cities across US go on strike after company fails to negotiate,…

2 mins ago

Senators Ask Biden To Extend TikTok Ban Deadline

Two US senators ask president Joe Biden to delay TikTok ban by 90 days after…

31 mins ago

Journalism Group Calls On Apple To Remove AI Feature

Reporters Without Borders calls on Apple to remove AI notification summaries feature after it generates…

1 hour ago

North Koreans Stole $1.34bn In Crypto This Year

North Korea-liked hackers have stolen a record $1.34bn in cryptocurrency so far this year, as…

2 hours ago

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago