Monday , May 29 2023

This allows the hacker to manipulate your devices via Bluetooth


Researchers have found a troubling failure in the Bluetooth connection between paired devices. And this is that a security breach has allowed some hackers to log in and manipulate devices tampered with by this wireless connection.

For example, if a cyber-pirate took control of a phone or hearing aid, he could hear the user's conversation.

The problem that counteracts this violation is that when encryption is performed on both facilities, the key can be manipulated by establishing a shorter key, which can then be resolved by a rough attack to monitor or manipulate the traffic.

There are 17 chips that can be vulnerable where companies like it Apple, Qualcomm, Broadcom, Intel and Chicony have all checked some issues with this type of attack.

However, there is already a solution to this problem as Bluetooth SIG updates the specification of Bluetooth Core to recommend manufacturers a minimum encryption length of 7 octets for BR / LDR connections.

Handling that sounds alarming but requires some specifications.

In particular, it is not for the hacker to be on the other side of the world and to control your devices, but that it must be within wireless access, because if you do not meet this requirement, you will not be able to perform your task.

In addition, you need both devices to have the same un-updated driver because if one of them already has the update fix, the process will be interrupted.

Source link