Sharing is caring!

Imperfect people are behind every technology, so unfortunately you can often find serious mistakes in it. Such a dangerous discovery was made by engineers from the Bluetooth SIG organization. According to the published note – a vulnerability in the Bluetooth Classic standard allowed the use of a dangerous exploit.

Website Scanner – scan websites for malware

This was hailed as KNOB and thanks to it hackers are able to attack literally any device that complies with the above-mentioned standard. After reaching specific equipment, data transmitted via Bluetooth can be easily intercepted by third parties.

Okay, but what is the gap really about? It is worth starting with the fact that the Bluetooth standard allows the use of so-called cryptographic keys of a certain length – in this case it is from 8 to 128 bits. So you can’t just set the key length range yourself.

Hackers, however, found a way to force this change and chose 8 bits. This turned out to be very easy to break, because only 256 existing combinations had to be checked – one of them was definitely correct. So you didn’t have to do too many tests to gain access to millions of devices.

CHECK IT OUT :   PlayStation 3 System Software 4.84 - unexpected software upgrade

What’s worse, if a cybercriminal connected to, for example, a given phone, he broke into … all devices paired with it. “Fortunately” the exploit can be used only for units equipped with Bluetooth Classic, i.e. BR and EDR. People with equipment with the Bluetooth LE module are safe.

Soon after the Bluetooth SIG statement was issued, numerous companies began to be called for special patches. To date, such updates have been released by Apple and Microsoft.