Threat Category:
PHY
Threat:
Recent attempts to improve the performance (maximum charge, battery life, charge speed) of Lithium-ion batteries beyond an arguably 'peaked' technology may result in poor designs that are vulnerable to overheating, which can lead to physical damage of the battery and other phone components.
Threat Origin:
Currency-mining Android malware is so aggressive it can physically harm phones
Exploit Example:
Unclear if this is explicitly exploitable by an attacker.
CVE Example:
If this threat is related to a published CVE, provide one or more CVE numbers.
Possible Countermeasures:
OEM Manufacturer: better heat-detection and physical safeguards on the device to prevent excessive heat build-up and damage.
Mobile OS Developers: potential for a new permission that would throttle CPU usage for a given app unless the user has granted it additional permissions to utilize the CPU to a greater extent.
References:
Currency-mining Android malware is so aggressive it can physically harm phones - ArsTechnica, Dan Goodin - 12/19/2017
New Threat
Threat Category: PHY Threat: Recent attempts to improve the performance (maximum charge, battery life, charge speed) of Lithium-ion batteries beyond an arguably 'peaked' technology may result in poor designs that are vulnerable to overheating, which can lead to physical damage of the battery and other phone components.
Threat Origin: Currency-mining Android malware is so aggressive it can physically harm phones Exploit Example: Unclear if this is explicitly exploitable by an attacker.
CVE Example:
Possible Countermeasures:
References: