New research at the École Polytechnique Fédérale de Lausanne (EPFL) has brought up some worrying news. According to an official statement, experts described a new security vulnerability for devices that have support for the Bluetooth Classic protocol—which is basically every mobile device.
The vulnerability, named as BIAS (Bluetooth Impersonation AttackS), requires a malicious party (or their device) to be within close range of a victim’s device. This can result in perpetrators accessing and controlling victims’ devices.
But the issue isn’t limited to smartphones. While smartphones from major manufacturers like Apple, Samsung, Google, Nokia, and Motorola were tested, the report also states that tablets, laptops, headphones, and even SoC boards like the Raspberry Pi are at risk.
The BIAS vulnerability works by taking advantage of a bug in the authentication process between devices. When Bluetooth-enabled devices communicate for the first time, a long-term key is generated. This key is then used for any subsequent interactions between the devices, which allows users to skip the cumbersome pairing process again.
During the authentication process, researchers say that attacking devices can spoof the address of a previously-paired device. Despite the lack of the long-term key, the connection is then completed. Once the attack is successful, perpetrators can then access, and even take control of victims’ devices.
According to an official statement on Bluetooth.com:
“For this attack to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device that has previously established a BR/EDR bonding with a remote device with a Bluetooth address known to the attacker. For devices supporting Secure Connections mode, the attacker claims to be the previously paired remote device but with no support for Secure Connections.”
The Bluetooth Special Interest Group (SIG) is in the process of updating protocols so that authentication is required on both sides, even with legacy authentications. Checks will also be implemented to avoid dangerous encyrption downgrades—however, these changes will only be available in the future.
In the meantime, the group has advised vendors to implement several changes to protect users against BIAS:
“Bluetooth SIG is strongly recommending that vendors ensure that reduction of the encryption key length below 7 octets is not permitted, that hosts initiate mutual authentication when performing legacy authentication, that hosts support Secure Connections Only mode when this is possible, and that the Bluetooth authentication not be used to independently signal a change in device trust without first requiring the establishment of an encrypted link.”
For now, it’s advisable to be careful when receiving Bluetooth requests from devices that claim to be previously trusted. Be sure to only authenticate and communicate with trusted Bluetooth devices that you know to be genuine.
For the full report, you can click here. Read Bluetooth SIG’s full statement here.
Want to convert almost any TV with an HDMI port into a Google TV? Xiaomi…
Sony has introduced the Sony WF-1000XM6 in Malaysia, its latest flagship truly wireless earbuds under…
More than a year after it was first previewed at the KL International Mobility Show…
Google has officially announced its latest smartphone, the Pixel 10a. The new model joined other…
Ahead of the Chinese New Year holiday, Gentari has upgraded its existing EV charging station…
Astro will discontinue HBO channels from 1st March 2026 and introduce four new channels under…
This website uses cookies.