Your Cell phone's Bluetooth Makes You Vulnerable

Posts by: Carl Jack

cell phone bluetooth security

Cell phone bluetooth is a wireless technology utilized to pair two devices in order to exchange data over short distances between them. Bluetooth technology can be found today in almost any smart device, such as smart TVs, PCs, MacBooks, cars, and of course smartphones.

While this amazing technology made our life much easier and enabled us to listen to music using wireless headphones, connect our phone to the car’s media center, watch phone’s content on the TV, and many more uses, it also has some vulnerabilities, which hackers and remote attackers can use to their advantage.

 

Contents

  1. The Problem

  2. The Impact

  3. Remedy and Solution

  4. Relief

  5. Prevention

 

The Problem

On July 23rd, 2018, the United States Computer Emergency Readiness Team (US-CERT) published a statement, which informed the public about a Bluetooth vulnerability that has been seen on equipment using Intel and Qualcomm chipsets, as well as Broadcom and other devices. As iPhones and Android phones use one of these chipsets or systems, this meant that almost every Apple and Android user in the world could have this vulnerability on his smartphone, and we’re talking about hundreds of millions of people.

 

The Impact

On devices with the reported problem, there is a risk that connections between two devices could be vulnerable to a man-in-the-middle attack that would allow the remote attacker to monitor and manipulate traffic and data. For this to happen, the attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure, and would need to inject a malicious packet to the receiving device within a narrow time window. If only one device had the vulnerability though, the attack wouldn’t be successful.

 

Remedy and Solution

To remedy the vulnerability, the Bluetooth Special Interest Group (Bluetooth SIG) has updated the Bluetooth specifications needed to prevent hackers from performing such attack. Software and firmware updates that address this vulnerability were released shortly after the first statement on July 23rd, 2018. If you own an Android or Apple phone and haven’t updated your software since the end of July 2018, you should do that as soon as possible to remove this vulnerability from your device.

 

Relief

It has been stated that there is no evidence that the vulnerability has been exploited maliciously and the Bluetooth SIG is not aware of any devices implementing the attack having been developed, including by the researchers who identified the vulnerability. In other words, we all can calm down for now (after updating the software on our smart devices, of course).

 

Prevention

Unfortunately, threats like the one described here surround us daily and keep getting more complicated and harder to track. To minimize the risks and to keep your devices relatively safe, make sure you’ve installed the latest recommended updates from device and operating system manufacturers. Additionally, install a decent Antivirus software on your devices that would block and remove any malware attacks. If you need help finding the right antivirus for you, check out our lists of the best Mac and PC antivirus software for 2018. Lastly, a tip regarding the use of Bluetooth – if you don’t use it, turn it off. This would increase your battery life and decrease the chances of getting hacked.