The recently discovered security flaws affect Bluetooth 4.2 or newer devices such as laptops, PCs, smartphones, and other devices.
Eurecom security researchers discovered new Bluetooth security flaws that enable hackers to impersonate devices and conduct man-in-the-middle attacks.
The six new ‘BLUFFS’ attacks were discovered by Daniele Antonioli and make use of two previously unknown exploits in the Bluetooth architecture that can be used to decrypt the content of files when users send data using the technology. According to cybersecurity experts, the flaws are not limited to a specific hardware or software configuration, but affect Bluetooth on an architectural level.
According to Bleeping Computer, the vulnerabilities affect all devices that use Bluetooth 4.2, which was released in late 2014, as well as Bluetooth 5.4, which was released earlier this year. Apple’s AirDrop feature is also vulnerable because it uses Bluetooth to transfer files between devices.
This means that the problem affects all Bluetooth-enabled devices, including laptops, PCs, smartphones, tablets, and others. According to the study, all Bluetooth-enabled devices are vulnerable to at least three of the six BLUFFS attacks.
Because the Bluetooth exploits operate at an architectural level, users can do nothing to address the vulnerabilities at this time. Instead, the solution requires device manufacturers to modify the technology’s security mechanisms and reject the low-security authentication methods used by older devices. However, it is still unclear whether patches for existing devices will be released.
Currently, the best way to protect yourself against newly discovered Bluetooth security flaws is to turn off Bluetooth as soon as you are finished using it, but this may be inconvenient for the majority of users. Another precaution that users can take is to avoid sharing sensitive files and images via Bluetooth in public places.
Follow and Connect with us on
Facebook | Instagram | Linkedin | Dribbble | Twitter | Tumblr | Pinterest
