In the past week, researchers have uncovered a new Bluetooth attack called the Bluetooth Low Energy Spoofing Attack, or BLESA. The vulnerability reportedly affects billions of Android and IoT devices around the globe that run the Bluetooth Low Energy (BLE) protocol, notes ZD Net.
The Bluetooth Low Energy system is designed to help IoT users and devices conserve battery power while staying connected over Bluetooth. According to ZD Net, advances in technology have made it possible to include BLE in almost all of today's battery-powered devices.
A team of researchers at Purdue University said that BLE Spoofing Attacks typically arise from authentication issues or in the device reconnection process. Reconnection occurs when one of the two connected devices is disconnected or moves out of range and then connects again, states Threat Post.
For the attack to succeed, the BLESA vulnerability must allow bad actors to instantly reconnect with one of the two connected devices and send spoofed data. Bad actors can send the spoofed data by weaving around the reconnection authentication process, a process reportedly overlooked by security experts in the field.
ZD Net states that the researchers found the vulnerability and disclosed the security flaw over the summer.
The team consists of researchers Antonio Bianchi, Vireshwar Kumar, Yuhong Nan, Mathias Payer, Dave (Jing) Tian, Jianliang Wu, and Dongyan Xu. All members maintain that the security flaw is of great importance, primarily because the BLE protocol’s prominence in the tech field makes its users vulnerable to the spoofing attacks.
The researchers wrote in their paper, “To ease its adoption, BLE requires limited or no user interaction to establish a connection between two devices. Unfortunately, this simplicity is the root of several security issues.”
Upon closer scrutiny, the Purdue University research team of seven found two critical issues arising from the BLE software implementations.
According to ZD Net, the two issues are that authentication during device reconnection is optional, and that authentication can be bypassed if the device in question fails to enforce the necessary IoT device authentication when it presents two possible authentication procedures.
Devices vulnerable to this type of attack include Android-based platforms, as well as those on Linux and iOS. In particular, devices running Linux BlueZ IoT, Android Fluoride, and the iOS BLE are all vulnerable to spoofing attacks.
Following their findings, the team reached out to Apple, BlueZ, and Google. While Apple issued a patch in June, Wired states there are still millions of devices susceptible to these attacks.