New Bluetooth Vulnerability Exposes Billions of Devices to Hackers


Many devices currently use a Bluetooth chip to connect to each other, and we now know that they are at risk. While updating to the latest Bluetooth configuration is the only way to prevent this type of attack, users are advised to turn off their Bluetooth connectivity when not connected to any other device that they are using.

The security researchers who explored the vulnerability stated that it was tested against a significant number of devices, including smartphones made by Apple, Samsung, Google and LG, laptops, tablets, and even headphones.

Chances are good that you are familiar with how Bluetooth technology works - you have probably used it to pair your iPhone with your AirPods or connect your favourite music program with a speaker.

BIAS can also be combined with other attacks, such as the Key Negotiation of Bluetooth (KNOB) attack, which was disclosed last year by the same research team.

They said they had tested the attack on over 28 unique Bluetooth chips by attacking 30 different devices - all of which were vulnerable to the attack.

The flaw lies in the way two devices handle the long-term key that establishes their connection.

The paper details the discovery, and the researchers explain at length how they found the bug in the post-bonding authentication procedure.

"Bluetooth SIG is strongly recommending that vendors ensure that reduction of the encryption key length below 7 octets is not permitted, that hosts initiate mutual authentication when performing legacy authentication, that hosts support Secure Connections Only mode when this is possible, and that the Bluetooth authentication not be used to independently signal a change in device trust without first requiring the establishment of an encrypted link".


Such apps require Bluetooth to be left switched on, and may encourage attackers to try their luck at compromising nearby devices. "Our attacks target the standardized Bluetooth authentication procedure, and are therefore effective against any standard compliant Bluetooth device".

Researchers tested the attack on 30 unique Bluetooth devices, using 28 different Bluetooth chips, and were successful in reproducing it in every case, using unsophisticated low-priced equipment such as a Raspberry Pi kit.

The hacking method is called Bluetooth Impersonation Attacks (BIAS).

Which devices are vulnerable to BIAS attacks?

Thankfully, though, launching a successful attack is not that easy, as an attacker's device would need to be within wireless range of a vulnerable Bluetooth device that has previously been paired with a remote device with a Bluetooth address known to the attacker.

According to the GitHub page for the BIAS attack, this vulnerability was reported to the Bluetooth Special Interest Group (Bluetooth SIG), the organisation that oversees the development of the Bluetooth standard, in December 2019.

"The Bluetooth Special Interest Group (SIG) prioritizes security, and the specifications include a collection of features that provide developers the tools they need to secure communications between Bluetooth devices".
