Ways Of Bluetooth-Based Cyberattacks Affecting Android Devices Discovered

Ways Of Bluetooth-Based Cyberattacks Affecting Android Devices Discovered

...


New methods of cyber attack affecting the Android ecosystem and caused by Bluetooth have been discovered. The methods discovered allow users to access their data, as well as be able to emulate targeted devices. Google says they are aware of the problem and are working on it.

Interesting remarks were made at the "Black Hat 2020" conference, where cybersecurity was tabled. A cybersecurity company called" DBAPPSecurity "has announced that hackers who want to access users' data are only required to access Bluetooth protocols. In addition, the company has revealed the existence of new ways in which data can be captured via Bluetooth.

According to studies by DBAPPSecurity, hackers have discovered two new types of attacks that affect users of the Android ecosystem. One of these attacks allows access to users ' personal data, call records and messages, while the second one involves spoofing a targeted device.

Statements by DBAPPSecurity officials say a new zero-day deficit has been discovered in the Android ecosystem. Hackers who are able to exploit this vulnerability are able to access users ' personal data by carrying out the first type of attack. In fact, if you take full advantage of this vulnerability, text messages can be sent without users even knowing.

According to experts, hackers can make themselves look like a reliable application in this attack. This vulnerability, which is activated when a Bluetooth connection is switched on, allows hackers to access users ' data through the application permissions granted to them.

The second type of attack that DBAPPSecurity has discovered is exploiting an authentication bypass vulnerability called" BlueRepli". In fact, this type of attack is an advanced version of the one we just mentioned. Because hackers take advantage of this vulnerability, they create an exact copy of the device they are targeting and can bypass all authentication systems. This attack, which users are not aware of in any way, can cause much bigger problems.

According to cybersecurity experts, this vulnerability goes much further when the products of a known Android product manufacturer are used by the industry. So much so that if the products of this unnamed brand are used, hackers can go further and send fake text messages. This company produces more than 100 million devices, experts say.

Statement from Google executives

The new Bluetooth-induced attack methods discovered by DBAPPSecurity have not escaped the attention of Google officials either. A Google spokesperson said they are aware of the Bluetooth-related problems and are working with their partners to overcome them. But no details were given about the size of the studies.



Source