Hackers can hack devices via Bluetooth due to several flaws (Indian Express)
Thursday 30 November 2023 / 20:51
6 flaws have been discovered that affect laptops, smartphones and other devices running Bluetooth 4.2 or later, enabling hackers to compromise these devices.
The six new flaws called “BLUFFS” were discovered by Daniele Antonioli and take advantage of two previously undiscovered exploits in the Bluetooth architecture that can be used to decrypt file content when users send data using Bluetooth.
A report by Bleeping Computer indicates that the vulnerabilities affect all devices equipped with Bluetooth 4.2, which was released in late 2014, and also affect Bluetooth 5.4, which was revealed earlier this year. Apple’s AirDrop feature is also weak because it uses Bluetooth technology to transfer files between devices.
This means that all Bluetooth enabled devices including laptops, PCs, smartphones, tablets, etc. are affected by the problem. The report notes that all Bluetooth-enabled devices are vulnerable to at least three out of six BLFFS attacks.
What can I do to protect myself?
Users can’t do anything right now to fix the vulnerabilities. Instead, the solution requires device manufacturers to make changes to the security mechanisms used by the technology and reject low-security authentication methods used by legacy devices. However, it is still unclear whether it will be possible to release some sort of patch for existing devices.
Currently, the best way to protect yourself from newly discovered Bluetooth security flaws is to turn off Bluetooth once you are done using it, but this may be inconvenient for the majority of users. Other precautions users can take are to avoid sharing sensitive files and photos via Bluetooth in a public place, the newspaper reported Indian Express.