Imperfect people are behind every technology, so unfortunately you can often find serious mistakes in it. Such a dangerous discovery was made by engineers from the Bluetooth SIG organization. According to the published note – a vulnerability in the Bluetooth Classic standard allowed the use of a dangerous exploit.
Website Scanner – scan websites for malware
This was hailed as KNOB and thanks to it hackers are able to attack literally any device that complies with the above-mentioned standard. After reaching specific equipment, data transmitted via Bluetooth can be easily intercepted by third parties.
Okay, but what is the gap really about? It is worth starting with the fact that the Bluetooth standard allows the use of so-called cryptographic keys of a certain length – in this case it is from 8 to 128 bits. So you can’t just set the key length range yourself.
Hackers, however, found a way to force this change and chose 8 bits. This turned out to be very easy to break, because only 256 existing combinations had to be checked – one of them was definitely correct. So you didn’t have to do too many tests to gain access to millions of devices.
What’s worse, if a cybercriminal connected to, for example, a given phone, he broke into … all devices paired with it. “Fortunately” the exploit can be used only for units equipped with Bluetooth Classic, i.e. BR and EDR. People with equipment with the Bluetooth LE module are safe.
Soon after the Bluetooth SIG statement was issued, numerous companies began to be called for special patches. To date, such updates have been released by Apple and Microsoft.
I am William, I live in Roubaix, France, I have two wonderful children and also a beautiful wife whom I love the most in the world. I work in a French company on a daily basis and deals with the administration of computer systems, on my blog you will find entries on various topics but mainly on topics related to mobile technologies, computer systems, news and more.