Cyber security news for all

More

    Cyberattack method was described that exploit weaknesses in the classic Bluetooth protocol

    Security researchers of Bluetooth describe gaps in the authentication process of the classic Bluetooth devices that allow a third party device to connect to a nearby device.

    The crux of the matter is the so called pairing when establishing a connection between Bluetooth device. So that a user does not always have to confirm a connection between a smartphone and headphones, a long-term secret key is agreed upon the first connection. This is then sufficient for future connections.

    The researchers have now succeeded in faking a Bluetooth device into the identity of another device that has already been paired, and thus establishing a connection. Before that, an attacker can create a pairing process between two devices and thus learn public information such as the Bluetooth name, addresses, protocol version numbers and capabilities. Here’s the list of the devices tested:

    The Discoverers Call The Attack Method BIAS (Bluetooth Impersonation Attacks)

    Numerous Bluetooth devices and chips are affected because the problem is due to the classic Bluetooth protocol, which practically all devices such as smartphones, tablets and laptops use. The security experts successfully carried out the attack on Bluetooth devices, including iPhone, various notebooks and pixel smartphones.

    The problem was discovered and reported to the Bluetooth Special Internest Group at the end of last year. The group then adapted the Bluetooth core specification. However, firmware updates for the Bluetooth chips are now required. So far, the researchers have not been able to say whether these have already occurred. Apple has not yet released more information on patched security holes for the iOS update.

    To what extent the security vulnerability demonstrated is really being used in practice is unclear. Attacks do not work worldwide, but only within the reception range of Bluetooth devices, which is usually close to 10 meters with a clear view. If you want to protect yourself better, you should switch off Bluetooth when you don’t need it.

    Recent Articles

    Police warn of a scam with fake websites on the Airbnb

    The apartment is centrally located and costs less: what looks like a great offer could be an attempt at fraud. The police in Europe...

    Significant increase in attacks with macOS specific macro malware

    Security researcher Patrick Wardle has observed a significant increase in attacks with macOS specific macro malware. As he explained in his lecture on Wednesday...

    China controls news with offline and online media

    The relationship between western countries and China is ambivalent. Only as a cheap production location and increasingly also as a basis for sales and...

    Russia’s GRU hackers hit the U.S. government and energy targets

    Some hackers have notoriety when it comes to the execution of their breach. GRU is one of these "elite" hacking gang. GRU is a Russian...

    U.S Offers $1 Million Bounty Reward for SEC Hackers

    (Left) Artem Radchenko (Right) Oleksandr Ieremenko   Two Ukrainians nationals, Viacheslavovich Radchenko and Oleksandr Vitalyevich Ieremenko are on the run from the law. The announcement did not...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox