Your laptop, smartphone or tablet’s Bluetooth chip provides an easy way to connect wireless speakers, keyboards and other accessories. It may also be opening you up to a nasty new cyber attack.
By Lee Mathews
Two independent teams of researchers, one from Purdue University and another at the École polytechnique fédérale de Lausanne, identified a new flaw that affects Bluetooth 4.0 and Bluetooth 5.0. This new vulnerability has been dubbed BLURtooth.
Both versions allow connections from a fair distance away — up to 200 feet for Bluetooth 4.0 and around 800 feet for Bluetooth 5.0. A malicious hacker could potentially attack a vulnerable device from more than two football fields away.
What makes a device vulnerable? It has to support both the Bluetooth Basic Rate/Enhanced Data Rate and Bluetooth Low Energy protocols. It also has to support Cross-Transport Key Derivation (CTKD) for device pairing.
That covers a broad swath of Bluetooth-enabled devices, from smartphones to fitness trackers to speakers. According to the researchers, any of these devices could be compromised wirelessly by an attacker.
Properly exploited, BLURtooth would allow the attacker to pair his or her own devices without the user’s knowledge. No prompt would ever appear asking the user to confirm the connection or enter a PIN because the attacker is able to either overwrite encryption keys or force the connection to use weaker encryption.
Once connected, the attacker could “gain additional access to profiles or services that are not otherwise restricted.” These ‘man-in-the-middle’ attacks could allow a hacker to do things like steal keystrokes or eavesdrop on audio.
The research team has disclosed the BLURtooth vulnerability to Bluetooth SIG, which in turn began notifying hardware vendors. The researchers note that the SIG has provided guidance on how the threat can be mitigated — including only allowing pairing operations when a user manually enables pairing mode.
Many devices will require either software or firmware updates. While assurances have been made that those patches will be delivered, there’s really no way to know how long it will take at this point.
It’s an incredibly complicated proposal given the wide variety of devices impacted. Fortunately, there are certain ones that can be protected right now.
The newer Bluetooth 5.1 standard already supports features that should be able to prevent a BLUR attack. Manufacturers of devices utilizing Bluetooth 5.1 may be able to deliver patches much more rapidly.
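A host-side policy check against the key overwrite and downgrade described above, written as an added example (not code from the article, the researchers or any Bluetooth stack). The `bond_key` type and the function names are hypothetical; the pairing-mode gate is the mitigation the article cites, and the rule that a derived key may not replace an authenticated or longer stored key is an assumption of this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed, simplified bond-key record; not a real stack's type. */
typedef struct {
    bool    present;        /* a key is already stored in this slot */
    bool    authenticated;  /* produced by a pairing the user confirmed */
    uint8_t key_size;       /* encryption key size in bytes, 1..16 */
} bond_key;

typedef enum {
    CTKD_ACCEPT,
    CTKD_REJECT_BAD_KEY,       /* malformed candidate key */
    CTKD_REJECT_NOT_PAIRABLE,  /* user has not enabled pairing mode */
    CTKD_REJECT_DOWNGRADE      /* would replace a stronger stored key */
} ctkd_verdict;

/* May a key derived via CTKD be written over the other transport's slot? */
ctkd_verdict ctkd_check(const bond_key *existing, const bond_key *derived,
                        bool user_pairing_mode)
{
    if (!derived || !derived->present ||
        derived->key_size == 0 || derived->key_size > 16)
        return CTKD_REJECT_BAD_KEY;
    /* Mitigation named in the article: pair only while the user allows it. */
    if (!user_pairing_mode)
        return CTKD_REJECT_NOT_PAIRABLE;
    /* Assumed guard: never silently weaken an existing bond. */
    if (existing && existing->present &&
        ((existing->authenticated && !derived->authenticated) ||
         derived->key_size < existing->key_size))
        return CTKD_REJECT_DOWNGRADE;
    return CTKD_ACCEPT;
}

/* The slot is modified only when the policy accepts the derived key. */
ctkd_verdict ctkd_store(bond_key *slot, const bond_key *derived, bool pairing_mode)
{
    if (!slot) return CTKD_REJECT_BAD_KEY;
    ctkd_verdict v = ctkd_check(slot, derived, pairing_mode);
    if (v == CTKD_ACCEPT) *slot = *derived;
    return v;
}

int main(void)
{   /* Constructed case: unauthenticated derived key vs. authenticated bond. */
    bond_key slot = { true, true, 16 }, derived = { true, false, 16 };
    printf("verdict=%d\n", (int)ctkd_store(&slot, &derived, true));
    return 0;
}
```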
Source: Forbes