Cyber Threat Report: A New Bluetooth Vulnerability
Devices using the Bluetooth standard 4.0 through 5.0 are vulnerable to BLURtooth attacks which allows hackers to defeat Bluetooth encryption.
BLURtooth is a vulnerability in the Cross-Transport Key Derivation (CTKD), which is a component of the Bluetooth standard. The CTKD component is responsible for negotiating and setting up authentication keys when pairing two devices via Bluetooth. A hacker can exploit the vulnerability in Bluetooth using the CTKD to overwrite the keys, which gives the attacker additional access to both devices.
The Bluetooth Special Interest Group (SIG) released a notice yesterday regarding BLURtooth, explaining that it opens the door to a man-in-the-middle attack, “For this attack to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device supporting both BR/EDR and LE transports that supports CTKD between the transports and permits pairing on either the BR/EDR or LE transport either with no authentication (e.g. JustWorks) or no user-controlled access restrictions on the availability of pairing. If a device spoofing another device’s identity becomes paired or bonded on a transport and CTKD is used to derive a key which then overwrites a pre-existing key of greater strength or that was created using authentication, then access to authenticated services may occur. This may permit a Man In The Middle (MITM) attack between devices previously bonded using authenticated pairing when those peer devices are both vulnerable.”
In the same notice SIG recommends users to, “rapidly integrate any necessary patches. As always, Bluetooth users should ensure they have installed the latest recommended updates from device and operating system manufacturers.”
Further steps you should be taking to stay safe when using Bluetooth are:
- Disable Bluetooth when it’s not in use. This will reduce the chance that an attacker will see your device and attempt to hack it.
- Use the ‘hidden’ mode. This mode prevents unfamiliar devices from recognizing and paring with your device. If you choose to add a new device, you’ll need to disable this feature to pair it.
- Try to only use Bluetooth in secure areas. Public areas, like airports and hotels, are more likely to have hackers nearby.
- Always reject pairing requests from unknown devices.
- Keep your software up-to-date at all times.
When your Bluetooth is enabled on your device, it’s constantly open to and waiting for possible connections. Our recommendation: If you’re not actively using it or you’re in a public area, disable it.
4332 Wheeler Road #105, Augusta GA 30907
Follow your Augusta IT Guys on Facebook, Twitter, Instagram, and Linkedin