BleepingComputer: critical vulnerability found in Bluetooth

Security researchers have discovered a critical vulnerability in the Bluetooth specification that affects billions of gadgets around the world, BleepingComputer reports.

The problems were described by Eurecom researcher Daniele Antonioli. According to the expert, hackers can intercept the Bluetooth signal using at least six types of attacks, collectively called BLUFFS.

Antonioli noted that attackers compromise devices while the devices are exchanging data with each other. Hackers exploit flaws in the specification related to how session keys are obtained. In this case, an attacker can impersonate one of the devices and intercept information.

According to the researcher, the problems are architectural, that is, they affect Bluetooth at a fundamental level. Antonioli noted that various vulnerabilities are found in all known specifications, from Bluetooth 4.2 to version 5.4. The expert conducted tests on various devices and found that each of them can be attacked using at least three vulnerabilities of the BLUFFS group.

The Bluetooth SIG, which oversees the development of Bluetooth standards, responded to the problem. Its representatives said that when transferring data, users should choose a high level of encryption whenever possible and not exchange data with unknown devices.

In October, it became known that hackers had begun using Bluetooth-equipped gadgets to spy on their owners. Among other things, attackers have learned to monitor police officers, who have a large amount of Bluetooth-enabled equipment in their arsenal.