Recently identified security flaws in Bluetooth security can enable attackers to take control of connections across devices utilising Bluetooth versions 4.2 to 5.4, including devices from late 2014 to the present date. Notably, Apple devices are particularly vulnerable, with AirDrop posing a heightened risk. These vulnerabilities manifest through six distinct exploits, facilitating both device impersonation and man-in-the-middle attacks, says a report by Bleeping Computer, citing research by expert Daniele Antonioli from Eurecom.


According to Eurecom researchers, six novel attacks collectively referred to as 'BLUFFS', he been made. These attacks can compromise the confidentiality of Bluetooth sessions, thus, enabling device impersonation and facilitating man-in-the-middle (MitM) attacks.


The attacker, within the Bluetooth range, can subsequently discern or modify these keys to decode or manipulate the data, necessitating the attacker to pose as one of the devices engaged in data sharing.


The flaw impacts a wide range of devices, including laptops, PCs, smartphones, tablets, and more, as all Bluetooth-enabled devices are vulnerable to at least three out of the six BLUFFS attacks, according to the research paper.


How To Stay Safe?


A recommended practice is to keep Bluetooth disabled on mobile devices unless necessary. This involves turning it on when using Bluetooth headphones and turning it off afterward.


These security flaws aren't tied to particular hardware or software configurations; however, they are inherent to the architecture, impacting Bluetooth at a foundational level. Antonioli, the discoverer of the attacks, elaborates that BLUFFS leverages two previously undiscovered flaws in the Bluetooth standard concerning the derivation of session keys for decrypting exchanged data.


The researchers have made and shared a toolkit on GitHub that demonstrates the effectiveness of BLUFFS, the report further noted. It includes a Python script to test the attacks, the ARM patches, the parser, and the PCAP samples captured during their tests.