Bluetooth is once again the victim of a serious security breach. According to Bluetooth SIG, the body that oversees the development of Bluetooth standards, the flaw could allow a hacker to carry out "man in the middle" attacks between two connected devices. The hacker could then execute malicious code on the victim's smartphone.
After the huge loophole that allowed spying on text messages and calls from millions of smartphones, Bluetooth once again falls victim to a critical security breach. This vulnerability was identified by computer security researchers at the Swiss Federal Institute of Technology in Lausanne, Switzerland and Purdue University, in the state of Indiana.
It mainly concerns "dual-mode" compatible devices, ie those which support the BLE (Bluetooth Low Energy) and BBR / BEDR (Bluetooth Basic Rate / Enhanced Data Rate) standards. This flaw, dubbed for the occasion BLURtooth, is based on a vulnerability present in the CTKD (Cross Transport Key Derivation), an algorithm whose mission is to generate encryption keys for the two standards.
Now imagine that a user connects their smartphone to their connected headphones or speaker. Generally and except in the case of a first connection, the two devices connect automatically without going through the authentication box. Here, a nearby hacker with a PC can simply log into the device without protection.
Bluetooth versions 4.2 to 5.0 are threatened
Once this is done, the attacker can exploit BLURtooth to hijack the CTKD in order to erase previously generated encryption keys, and create new ones. This is how the hacker can launch a “Man in the Middle” type attack and connect to protected devices connected to unprotected devices. In this case, your smartphone connected to your wireless headphones, for example.
At this precise moment, the hacker is free to execute malicious code on your smartphone, to seize your personal data, consult your communications, etc. Bluetooth SIG specifies that these attacks are impossible to carry out with Bluetooth 5.1. On the other hand, versions 4.2 to 5.0 of the standard are vulnerable.
The body's partner builders have been warned of the presence of this flaw. Bluetooth SIG has already released a patch to manufacturers, who will then have to deploy it to their respective devices.