1. Introduction

Wireless charging, epitomized by the widespread Qi standard, promises convenience and enhanced safety by eliminating physical connectors. Its market is growing at a CAGR of 25.8%. However, this paper, "VoltSchemer," shatters the perceived security bubble by exposing critical vulnerabilities. The core finding is that intentional electromagnetic interference (IEMI), introduced as voltage noise from a compromised power supply, can propagate through the system and hijack the in-band communication channel between the charger and device. This allows an attacker to gain complete control over Commercial Off-The-Shelf (COTS) wireless chargers without any physical modification, enabling a suite of powerful attacks.

2. Background & Related Work

2.1. Wireless Charging & Qi Standard

Qi wireless charging uses inductive coupling between transmitter (Tx) and receiver (Rx) coils. Communication for control (e.g., power needs, FOD signals) is achieved through in-band modulation of the power carrier signal, unlike wired charging, which has separate data lines. The Wireless Power Consortium (WPC) enforces safety protocols like Foreign Object Detection (FOD) to prevent heating of metallic objects.

2.2. Prior Attacks on Charging Systems

Previous research (e.g., MACTANS, Juice Jacking) focused on wired charging, exploiting the USB data lines to install malware or inject keystrokes. Wireless charging was considered more secure due to the lack of a direct data pathway. VoltSchemer fundamentally challenges this assumption by attacking the power and communication channel itself.

3. Threat Model & Attack Overview

3.1. Adversary Capabilities

The attacker needs control over the AC-DC power adapter supplying the wireless charger. This could be a malicious public charging station, a compromised smart plug, or a tampered adapter. No modification to the charger or device is required.

3.2. Core Attack Principle: Voltage Noise Injection

The attacker injects carefully crafted voltage noise ($V_{noise}(t)$) into the DC power line. This noise couples into the charger's circuitry via electromagnetic interference (EMI), ultimately modulating the magnetic field generated by the Tx coil. Since Qi communication relies on modulating this same field, the attacker can inject malicious control packets, impersonating either the charger or the device.

  • Attack Success Rate: 9/9 top-selling COTS chargers vulnerable
  • Market Growth (CAGR): 25.8% (wireless charging industry)
  • Key Attack Vector: Voltage Noise → EMI → Signal Hijack

4. VoltSchemer Attack Vectors

4.1. Inaudible Voice Command Injection

By modulating the power signal, the attacker can generate acoustic signals from the charger's internal components (coils, capacitors) at ultrasonic frequencies. These can be demodulated by a smartphone's microphone to execute voice commands on voice assistants (e.g., Siri, Google Assistant) without user awareness.

4.2. Device Damage via Overcharging/Overheating

The attacker can forge Qi communication packets to instruct the charger to deliver excessive power beyond the device's negotiated limits, potentially damaging the battery or circuitry through overvoltage or thermal stress.

4.3. Bypassing Foreign Object Detection (FOD)

This is the most critical attack. The attacker can send forged FOD "all-clear" signals to the charger while a metal object (e.g., a key, coin, or NFC card) is on the charging pad. The charger, deceived into believing no foreign object is present, continues operating at full power, inducing dangerous eddy currents that can heat the object to ignition temperatures or demagnetize/melt valuable items.

5. Technical Details & Mathematical Model

5.1. Signal Propagation & EMI Coupling

The injected voltage noise $V_{noise}(t)$ propagates through the DC bus. Non-ideal components (traces, capacitors) act as antennas, coupling this noise into sensitive analog and switching circuits of the charger. The coupling can be modeled as an unwanted transfer function $H_{coupling}(f)$: $$V_{induced}(f) = H_{coupling}(f) \cdot V_{noise}(f)$$ where $V_{induced}(f)$ is the noise appearing on critical nodes.

5.2. Modulation of Power Signal for In-Band Communication

Qi communication uses Amplitude Shift Keying (ASK). The Rx device modulates the load to create amplitude variations on the Tx coil voltage. The attacker's induced noise $V_{induced}(t)$ can mimic this modulation. To inject a bit '1', the attacker superimposes a specific frequency component to cause a detectable amplitude dip. The required noise profile must match the Qi packet structure (preamble, header, message, checksum).

6. Experimental Setup & Results

6.1. Tested Devices & Success Rate

The authors successfully demonstrated all three attacks on 9 out of 9 top-selling COTS Qi chargers from brands like Belkin, Anker, and Samsung. This 100% success rate underscores the pervasiveness of the vulnerability.

6.2. Key Performance Metrics & Observations

Chart Description (Imagined): A bar chart would show "Attack Success Rate per Charger Model" at nearly 100% for all. A line graph would plot "Induced Object Temperature vs. Time" during the FOD bypass attack, showing a steep rise to over 280°C for a house key, demonstrating fire risk. Another diagram would illustrate the signal chain: Malicious Power Supply → Injected $V_{noise}$ → Charger PCB (EMI Coupling) → Tx Coil Modulation → Malicious Magnetic Field → Target Device/Object.

Experiments confirmed the ability to inject valid Qi packets, force continuous high-power mode, and heat foreign objects to hazardous levels within minutes.

7. Analysis Framework & Case Study

Framework for Assessing Wireless Charger Security:

  1. Signal Integrity Analysis: Audit the power supply input stage for susceptibility to conducted EMI. Measure the Power Supply Rejection Ratio (PSRR) of the charger's critical ICs.
  2. Communication Protocol Fuzzing: Systematically inject malformed and out-of-spec voltage noise patterns to test the robustness of the Qi protocol parser on the charger's microcontroller.
  3. Side-Channel Monitoring: Monitor unintended side-channels (acoustic, thermal, power) during normal operation to establish a baseline, then detect anomalies during attack simulations.

Case Study - Public Charging Kiosk: An attacker replaces the power adapter in an airport charging station with a malicious one. When a user places their phone, the adapter executes a FOD bypass attack while a metal paperclip (placed by the attacker) is also on the pad. The phone charges normally, but the paperclip heats up, potentially damaging the phone's casing or causing injury. Simultaneously, inaudible commands could be sent to open a malicious website.
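
The thermal side of step 3, sketched as a check that compares what the in-band reports claim with what an independent pad temperature sensor shows. This is an added example, not code from the VoltSchemer paper or any charger firmware. The thresholds, the one-sample-per-second rate, the presence of a pad temperature sensor, and all sample data are assumptions constructed for illustration.

```python
from statistics import mean, stdev

FOD_LOSS_LIMIT_W = 0.5  # assumption: loss above this already trips ordinary FOD
K_SIGMA = 4.0           # assumption: margin above the learned baseline
WINDOW = 5              # samples per sliding window (1 sample per second)

def learn_slope_limit(baseline_temps_c):
    """Baseline phase: upper bound on pad heating rate (deg C/s) in normal use."""
    slopes = [b - a for a, b in zip(baseline_temps_c, baseline_temps_c[1:])]
    return mean(slopes) + K_SIGMA * stdev(slopes)

def find_inconsistencies(samples, slope_limit):
    """samples: (tx_power_w, reported_rx_power_w, pad_temp_c), one per second.

    Returns indices where the in-band reports imply "no foreign object"
    (small power loss) while the charger's own sensor shows abnormal heating.
    """
    alerts = []
    for i in range(WINDOW, len(samples)):
        win = samples[i - WINDOW:i + 1]
        reported_loss = mean(tx - rx for tx, rx, _ in win)
        heating_rate = (win[-1][2] - win[0][2]) / WINDOW
        if reported_loss < FOD_LOSS_LIMIT_W and heating_rate > slope_limit:
            alerts.append(i)
    return alerts

# Constructed data, not measurements from the paper.
BASELINE_TEMPS_C = [25.0, 25.1, 25.2, 25.25, 25.35, 25.4, 25.5, 25.55, 25.6, 25.7]
NORMAL = [(5.0, 4.7, 30.0 + 0.08 * i) for i in range(12)]
SUSPECT = [(5.0, 4.8, 30.0 + 1.0 * i) for i in range(12)]  # "all clear" but heating fast

if __name__ == "__main__":
    limit = learn_slope_limit(BASELINE_TEMPS_C)
    print(f"slope limit {limit:.3f} C/s")
    print("normal :", find_inconsistencies(NORMAL, limit))
    print("suspect:", find_inconsistencies(SUSPECT, limit))
```

The check only fires when the two channels disagree; a large reported loss is left to the charger's normal FOD handling.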

8. Countermeasures & Mitigation Strategies

  • Hardware-Level: Implement robust filtering and shielding at the DC power input. Use isolated power converter topologies. Incorporate hardware-based packet authentication for critical commands (e.g., FOD status, power control).
  • Firmware/Protocol-Level: Add message authentication codes (MACs) or digital signatures to Qi packets, as suggested by the authors. Implement sanity checks (e.g., cross-validating power requests with thermal sensors).
  • User Awareness: Avoid using public, untrusted wireless chargers for valuable devices. Be aware of unusual heating during charging.
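
The packet structure from Section 5.2 and the MAC countermeasure above, as an added example that is not code from the VoltSchemer paper or the Qi specification. It shows that the XOR checksum only catches transmission errors, while a keyed tag with a counter rejects altered and replayed frames. The counter-plus-truncated-HMAC framing, the key, the tag length, and the sample header and message bytes are assumptions.

```python
import hashlib
import hmac
from functools import reduce

KEY = b"constructed-demo-key"  # assumption: shared per-pairing key, provisioning not shown
TAG_LEN = 4                    # assumption: truncated tag to fit a slow in-band channel

def xor_checksum(data: bytes) -> int:
    """Qi-style checksum: XOR over the header and message bytes."""
    return reduce(lambda a, b: a ^ b, data, 0)

def build_packet(header: int, message: bytes) -> bytes:
    """Header + message + checksum (the preamble is line-level and omitted here)."""
    body = bytes([header]) + message
    return body + bytes([xor_checksum(body)])

def parse_packet(packet: bytes):
    """Return (header, message); raise ValueError if the checksum does not match."""
    if len(packet) < 3 or xor_checksum(packet[:-1]) != packet[-1]:
        raise ValueError("bad length or checksum")
    return packet[0], packet[1:-1]

def _tag(counter: int, packet: bytes) -> bytes:
    msg = counter.to_bytes(4, "big") + packet
    return hmac.new(KEY, msg, hashlib.sha256).digest()[:TAG_LEN]

def seal(counter: int, header: int, message: bytes) -> bytes:
    """Hypothetical authenticated frame: counter || packet || truncated HMAC."""
    packet = build_packet(header, message)
    return counter.to_bytes(4, "big") + packet + _tag(counter, packet)

class Receiver:
    """Accepts a frame only if the tag verifies and the counter moves forward."""
    def __init__(self):
        self.last_counter = -1

    def accept(self, frame: bytes):
        if len(frame) < 4 + 3 + TAG_LEN:
            return None
        counter = int.from_bytes(frame[:4], "big")
        packet, tag = frame[4:-TAG_LEN], frame[-TAG_LEN:]
        if counter <= self.last_counter:                         # replayed or stale frame
            return None
        if not hmac.compare_digest(tag, _tag(counter, packet)):  # altered or unkeyed frame
            return None
        try:
            parsed = parse_packet(packet)
        except ValueError:
            return None
        self.last_counter = counter
        return parsed
```

A 4-byte tag is a bandwidth trade-off; a real design would size it against the channel rate and the number of guesses the receiver tolerates before shutting down.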

9. Future Applications & Research Directions

  • Expanded Target Scope: Investigating similar voltage noise attacks on other inductive systems (e.g., RFID readers, electric vehicle wireless charging).
  • AI-Enhanced Attack Generation: Using reinforcement learning to discover optimal noise waveforms for different charger hardware, akin to adversarial attacks in machine learning applied to hardware.
  • Standard Evolution: Pressuring the WPC to mandate security enhancements in future Qi specifications, potentially incorporating lightweight cryptographic protocols suitable for low-power, real-time control.
  • Defensive Tooling: Developing automated testing frameworks for manufacturers to evaluate their chargers' resilience to VoltSchemer-style attacks.

10. References

  1. Zhan, Z., Yang, Y., Shan, H., Wang, H., Jin, Y., & Wang, S. (2024). VoltSchemer: Use Voltage Noise to Manipulate Your Wireless Charger. arXiv preprint arXiv:2402.11423.
  2. Wireless Power Consortium. Qi Wireless Power Transfer System Specification.
  3. Clark, S., et al. (2013). MACTANS: Injecting Malware into iOS Devices via Malicious Chargers. USENIX Security.
  4. Zhang, K., et al. (2021). Learning to Listen: A Neural Network for Inaudible Voice Recognition. IEEE S&P.
  5. NIST. (2020). Guidelines for Managing the Security of Mobile Devices in the Enterprise (SP 800-124 Rev. 2).

11. Expert Analysis & Critical Review

Core Insight

The VoltSchemer paper isn't just another hardware hack; it's a paradigm-shifting exposé. It demonstrates that the foundational trust model of wireless charging—where security is derived from the absence of a data wire—is fundamentally flawed. The real vulnerability isn't in the Qi protocol's logic but in the physical implementation gap between the clean-room specification and the noisy, EMI-prone reality of consumer electronics. This work aligns with a broader trend in hardware security, reminiscent of the findings in the seminal CycleGAN paper which showed how data distributions can be maliciously manipulated; here, it's the power signal's integrity that's compromised. As noted in NIST's guidelines on mobile device security, the attack surface extends deep into the supply chain and supporting infrastructure.

Logical Flow

The authors' logic is devastatingly elegant: 1) Qi uses the power signal for communication. 2) The power signal's integrity depends on a clean supply voltage. 3) The supply voltage is an external, untrusted input. 4) Therefore, an attacker controlling the supply can control the communication. They brilliantly bypass decades of layered software security by attacking the analog/physical layer, a vector often overlooked in favor of digital exploits. The progression from proof-of-concept (noise injection) to practical attacks (voice, damage, FOD bypass) is methodical and compelling.

Strengths & Flaws

Strengths: The 9/9 success rate is the knockout punch—this is no edge-case vulnerability. The FOD bypass attack is particularly terrifying, translating a communication flaw into a direct physical safety hazard (fire). The work is exceptionally practical, requiring only COTS equipment.

Flaws & Open Questions: The paper lightly touches on countermeasures but lacks a deep cost-benefit analysis for manufacturers. Is adding cryptography to millisecond-level power control loops feasible on low-cost MCUs? The threat model assumes control of the power adapter, which, while plausible in public spaces, raises the bar compared to simple malicious cables. The long-term effectiveness of the attack against next-generation chargers with improved filtering is untested.

Actionable Insights

For manufacturers, this is a five-alarm fire. Immediate action is required: audit power supply rejection in existing designs and mandate enhanced input filtering and shielding in new products. Engaging with the WPC to develop a security addendum to the Qi standard is non-negotiable.

For enterprise security teams, treat public wireless chargers with the same suspicion as public USB ports. Policies should discourage their use for corporate devices handling sensitive data.

For researchers, VoltSchemer opens a new frontier: the security of power delivery networks. Future work must explore defensive sensing techniques to detect EMI-based hijacking in real-time, potentially using the charger's own circuitry as a sensor. The battle for security has decisively moved into the analog domain.