Almost all devices vulnerable to Bluetooth Impersonation Attacks
Almost everyone uses bluetooth-enabled devices and rarely does it occur to users that they could become the target of hacking via bluetooth. For, it is still a possibility if your device hasn’t been updated by the manufacturer to fix the flaw.
The Bluetooth Impersonation AttackS (BIAS) was the name given to the attack which could be utilised by any threat actor. The vulnerability was discovered by researchers Daniele Antonioli, Kasper Rasmussen, and Nils Ole Tippenhauer back in December 2019.
According to a statement released by them, “There is a severe vulnerability in the Bluetooth BR/EDR specification that allows an attacker to break the security mechanisms of Bluetooth for any standard-compliant device. As a result, an attacker can impersonate a device towards the host after both have previously been successfully paired in absence of the attacker”.
]The Bluetooth standard provides authentication mechanisms based on a long term pairing key, which are designed to protect against impersonation attacks. The BIAS attacks, as demonstrated by the researcher’s new paper basically show that the authentication mechanisms have been broken, letting a potential threat actor exploit them by impersonating any Bluetooth master or slave device.
The researchers further revealed that since the attacks are standard-compliant, they can be combined with other attacks, including the Key Negotiation of Bluetooth, KNOB attack.
Which devices are vulnerable?
The results of the paper are shocking as they state that devices powered by chips from Cypress, Qualcomm, Apple, Intel, Samsung, and CSR were tested and they all were vulnerable to the BIAS attack.
The BIAS tests were conducted on 30 unique bluetooth devices using 28 unique Bluetooth chips which essentially means that a host of Bluetooth enabled devices, including smartphones, are vulnerable.
Devices with bluetooth functionality from Apple, Samsung, Google, Nokia, LG, and Motorola, laptops from HP, Lenovo, Apple MacBook, headphones from Philips and Sennheiser, have been found to be susceptible to the BIAS attack.
Is there a fix available?
Since it was reported to the BIS back in 2019, many manufacturers have had a chance to provide a workaround. Devices that have not been updated with a fix after December 2019 would likely be susceptible to the BIAS attack, while those updated post this period might have already received a fix for the issue.
Via GitHub
Almost everyone uses bluetooth-enabled devices and rarely does it occur to users that they could become the target of hacking via bluetooth. For, it is still a possibility if your device hasn’t been updated by the manufacturer to fix the flaw. The Bluetooth Impersonation AttackS (BIAS) was the name given…
