• Home Page
  • About Us
  • Advertise
  • Contact Us
  • My Account

TechVisibility

  • Home page
  • News
  • Computing
  • Reviews
  • Apps
  • Gaming
  • Mobile
  • Audio
  • Video
  • Gadgets
  • FinTech
  • EV
  • More
    • Antivirus
    • Cameras
    • Cryptocurrency
    • NFT
    • Phones
    • Security
    • Smart Home
    • Software
    • Streaming
    • TVs
    • Wearables
    • Web hosting
    • What To Watch
You are at :Home»Security»Bluetooth Warning: Hackers can pair your phone without you knowing
Photo by Brett Jordan on Unsplash

Bluetooth Warning: Hackers can pair your phone without you knowing

Summer Collins 26 May 2021 Security Leave a comment 496 Views

Facebook Twitter linkedin Pinterest Tumblr WhatsAppt Telegram Email More

Be careful in using too much Bluetooth anywhere.

Remember the time when phones have party line between the caller and receiver? Now, security researchers discover that there’s a possible way hackers can do the same thing with Bluetooth connections, without you knowing. Here’s how.

There’s a middle man on Bluetooth

Photo by Sten Ritterfeld on Unsplash

On Monday, May 24, the Bluetooth Special Interest Group (Bluetooth SIG), the organization overseeing the development of Bluetooth standards, issued a security warning to protect users on seven new security flaws found in Bluetooth.

Turns out, the Bluetooth Core and Mesh Profile specifications have vulnerabilities that users might not known. Researchers from the French National Agency for the Security of Information Systems (ANSSI)  shows that attackers can easily hijack the Bluetooth connection between the sender and receiver, without the two parties knowing about it.

This attack is called MitM or man-in-the-middle tactic. For example, a person attempts to send you a file through Bluetooth. The MitM attacker can easily enter the connection between the two persons and portray as the sender. Basically, the attacker will stop the initiator to connect with the receiver, allowing it to be fully transparent.

Here’s the list of vulnerabilities pointed out on the report:

  • Bluetooth Mesh Profile AuthValue leak
  • Malleable commitment in Bluetooth Mesh Profile provisioning
  • Predictable Authvalue in Bluetooth Mesh Profile provisioning leads to MITM
  • Impersonation attack in Bluetooth Mesh Profile provisioning
  • Impersonation in the BR/EDR pin-pairing protocol
  • Authentication of the Bluetooth LE legacy-pairing protocol
  • Impersonation in the Passkey entry protocol

Bluetooth SIG sends warning

To prevent companies from being affected with the Bluetooth vulnerability, the Bluetooth SIG organization made sure to send warnings about the newly-found vulnerabilities.

“The Bluetooth SIG is also broadly communicating details on this vulnerability and its remedies to our member companies and is encouraging them to rapidly integrate any necessary patches,” the organization said. “As always, Bluetooth users should ensure they have installed the latest recommended updates from device and operating system manufacturers.”

Intel, Cisco could be affected

The Carnegie Mellon CERT Coordination Center (CERT/CC) reported that popular vendors like Android Open Source Project (AOSP), Cisco, Intel, Red Hat, Microchip Technology, and Cradlepoint could be the top companies to worry about with the said warning.

Cisco and AOSP already released statements about the issue and said that they are now on action to update their security patches, in protection of the customers.

“Android has assessed this issue as High severity for Android OS and will be issuing a patch for this vulnerability in an upcoming Android security bulletin,” AOSP told CERT/CC.

“Cisco is tracking these vulnerabilities via incident PSIRT-0503777710,” the company said.

“Cisco has investigated the impact of the aforementioned Bluetooth Specification vulnerabilities and is currently waiting for all the individual product development teams to provide Software fixes to address them.”

What to do to keep safe

If you’re a consumer, there are various way to make sure to keep yourself away from any Bluetooth vulnerabilities. First off, stop opening your Bluetooth in public spaces. Second, install security software on your devices, or update security patches needed by your gadgets.

Attack Bluetooth vulnerability Bluetooth warning Headphones MitM Security 2021-05-26
Summer Collins
Tags Attack Bluetooth vulnerability Bluetooth warning Headphones MitM Security

Author

Posted by : Summer Collins
Summer Collins is an official writer from Tech Visibility. She dedicates her time reading news about technology, software, etc. Technically, anything interesting!
Previous Article :

Biggest LEGO set unlocked with over 11,000 pieces

Next Article :

Huawei Will Roll Out Self-Developed HarmonyOS On June 2

Related Articles

7 Tips On How to Keep Your Bitcoin Wallet Safe

7 Tips On How to Keep Your Bitcoin Wallet Safe

Azriel B 28 Jun 2021
Clubhouse Huge Data Leak: 1.3 Million Users Affected; Are You Hacked?

Clubhouse Huge Data Leak: 1.3 Million Users Affected; Are You Hacked?

Noah Gravel 11 Apr 2021
DC Lawsuit–Mark Zuckerberg Must Pay For The Cambridge Analytica Data Issue

DC Lawsuit–Mark Zuckerberg Must Pay For The Cambridge Analytica Data Issue

Noah Gravel 26 May 2022
Double identity verification to unlock device provides better security

Double identity verification to unlock device provides better security

Azriel B 18 Mar 2021
Gmail Users Targeted by New Hacking Scheme, Once Again

Gmail Users Targeted by New Hacking Scheme, Once Again

Noah Gravel 15 Nov 2021
Amazon Echo Dot Kids now available in UK

Amazon Echo Dot Kids now available in UK

Summer Collins 30 Jun 2021

Leave a Reply

  • Facebook Comments
  • Disqus Comments (0)
Specify a Disqus shortname at Social Comments options page in admin panel

Subscribe to our Channel

YouTube Videos

Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo
Youtubevideo

Advertisement


TechVisibility


2493 Technology Drive
Hayward, CA 94545
800-601-4491
contact@techvisibility.com

Follow us

Recent Posts

  • Summer Games Done Quick 2022’s Top Game Speedruns

    Summer Games Done Quick 2022’s Top Game Speedruns

    Noah Gravel 03 Jul 2022
  • Amazon Luna Unveils Its July Lineup

    Amazon Luna Unveils Its July Lineup

    Noah Gravel 03 Jul 2022

Advertisement

  • Terms & Conditions
  • Privacy Policy
  • Cookies Policy
  • Accessibility Statement
  • Advertise
  • About Us
  • Contact Us
  • Do not sell my info
  • YouTube Videos
  • My Account
Copyright 2021, All Rights Reserved
Developed By IdealVisibility.com
Posting....
Go to mobile version