A number of iPhones, iPads, Macs, and non-Apple devices are vulnerable to an attack via Bluetooth that could allow devices to appear as if they are already trusted. That, in turn, would allow them to connect to the impacted phones, tablets, and general tech illegitimately.
The security flaw has been found in Bluetooth chips produced by Intel, Qualcomm, and Samsung so is far from just an Apple problem.
Attackers simply pretend to be using a previously-paired device, fooling the target into allowing a Bluetooth connection. The method has been dubbed Bluetooth Impersonation Attacks (BIAS).
Attacks don’t need any particularly complicated equipment in order to carry out, with a common Raspberry Pi able to be the attack vector when testing was carried out by researchers.
We found and exploited a severe vulnerability in the Bluetooth BR/EDR specification that allows an attacker to break the security mechanisms of Bluetooth for any standard-compliant device. As a result, an attacker can impersonate a device towards the host after both have previously been successfully paired in absence of the attacker.
The Bluetooth Special Interest Group was already aware of the problem and is recommending vendors issue patches to plug the hole. The outfit also says that it plans to implement a fix in a more permanent way in the future.
There’s a detailed paper explaining how this all works if you’re that way inclined, with a YouTube video also running through the ins and outs, too.
You may also like to check out:
- Download: iOS 13.5 GM IPSW Links, OTA Update Released Along With iPadOS 13.5 GM
- iPhone SE 2 2020 Screen Protector: Here Are The Best You Can Buy Today [List]
- iPhone SE 2 2020 Case: Here Are The Best Ones You Can Get Today [List]
- Kodi 18.6 IPA APK Download For iOS 13 / iPadOS 13, Android Released
- Run Multiple 2 WhatsApp Accounts Number On 1 iPhone The Right Way, Here’s How
- Download: iOS 13.4.1 IPSW Links, OTA Update Released Along With iPadOS 13.4.1 Released
- Jailbreak iPhone 11 Pro Max With Unc0ver 4.0.0 On iOS 13.3 Now
- Checkra1n For Windows Alternative: How To Use Ra1nUSB For iOS 13.3 Jailbreak
- Jailbreak iOS 13.4.1 / iPadOS 13.4.1 Using Checkra1n, Here’s How [Guide]
- Downgrade iOS 13.4.1 To iOS 13.3.1 For Checkra1n Jailbreak, Here’s How
- Apple Watch ECG App Hack: Enable Outside US In Unsupported Country On Series 5 & 4 Without Jailbreak