Skorpion Charger Hopes to Take the Sting Out of Android Malware

Tapping the Android device’s internet connection, Skorpion receives ongoing virus definition updates, and is programmed to run a scan on system files at a set time
Tapping the Android device’s internet connection, Skorpion receives ongoing virus definition updates, and is programmed to run a scan on system files at a set time

Kaprica snagged $100,000 in funding back in February to develop the charger, which Belkin is distributing.

Tapping the Android device’s internet connection, Skorpion receives ongoing virus definition updates, and is programmed to run a scan on system files at a set time. A red LED light warns that danger is afoot; the user can remediate things manually or have the device automatically clean up files.

The charger is in pre-production, but distribution date and pricing have not yet been set.

Chargers can wear both a white and a black hat. Georgia Tech security researchers have built a malicious charger that can inject persistent malware into current-generation iOS devices, compromising the gadgets in less than 60 seconds. At the Black Hat 2013 conference in July, Billy Lau, Yeongjin Jang and Chengyu Song presented their creation, dubbed Mactans after the black widow spider's Latin name.

"Apple iOS devices are considered by many to be more secure than other mobile offerings," they said in the session write-up. "In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device."

The answer to that question appears to be "not at all" – the charger easily circumvented the Apple iOS defense mechanisms, and allows an attacker to hide its software in the same way Apple hides its own built-in applications. "All users are affected, as our approach requires neither a jailbroken device nor user interaction," the three said.

Be it Skorpion or spider, it appears that chargers can do much more than power up a device.

What’s Hot on Infosecurity Magazine?