28.2 C
Mumbai
Thursday, October 29, 2020
Tel: 8850717892

BlueRepli Bluetooth Attack Targets Android Devices

Home Security Awareness BlueRepli Bluetooth Attack Targets Android Devices
- Advertisement -

Must Read

Urban Farming Masterplan by MJZ Firm, Poland

An Overview: Dubbed 'the gardens of the future', the project focuses on natural food production. MJZ, an architecture firm has...

Metaspoilt Framework, A popular Tool among Cyber Criminals

First, in this topic, we will see, What is the Metasploit Framework? 1) What is the Metasploit Framework? Metasploit Framework is...

A brief to Architecture Journalism as a Career Path

Not all students prefer jumping into the career path of practising architecture. It is great when you design, but...
Ayush Dubeyhttps://ayush7ad6.wordpress.com/
Ayush Dubey is an engineering student from IIIT Jabalpur. He has a comprehensive background in technology. Cybersecurity being his primary field of interest. He loves to meet people who are always in a hustle to learn new things.
Recently, in the virtual meeting of Black Hat USA 2020, researchers have found a unique, queer yet effective way to hijack the android devices through a new Bluetooth vulnerability called BlueRepli. This enables attackers to gain access to the device without any interaction with the victim, stealing private information of the user.

An Overview

Bluetooth technology uses short-wavelength radio waves to transfer data between devices like mobile devices, IoT devices, printers, speakers, headphones and the list goes on.
There have been numerous instances of cyber crooks tampering with the Bluetooth protocols to compromise devices to perform their nefarious activities. With attacks like BlueBorne, KNOB, or BadBlueTooth, cybercriminals have appended their list of exploiting Bluetooth devices with another attack called BlueRepli. Researchers said that only Android devices are vulnerable to this attack. iPhone devices are safe!
The range of devices running the Android operating system is huge. Having a large attack landscape with tens of millions of users in the world, attackers are focusing on exploiting Android devices to spread their reign through other Android devices.
This leaves Android devices always vulnerable to cyberattacks; what bothers android users is that Google’s delay in releasing patches for vulnerabilities!

BlueRepli Vulnerability

Security researchers Xin Xin and Sourcell Xu from California-based cybersecurity firm DBAPPSecurity disclosed yet another Bluetooth vulnerability: BlueRepli.
Using this vulnerability, attackers can bypass the Bluetooth authentication on Android devices without detection or interaction with the victims. Attackers can steal sensitive data from the host device like call records, contacts, and SMS verification codes. Furthermore, hackers can send fake SMS to the victim’s contact list.
Threat actors can bypass the Bluetooth authentication by impersonating a previously connected device. Therefore, not requiring any permission from the victim. Another way to hijack the devices is through disguising as a trusted application asking permission to share data, just like in the case of a vehicle’s infotainment system.

This is what BlueRepli does
This is what BlueRepli does

In the core, BlueRepli is an abuse of the Bluetooth Profiles. Bluetooth profiles enable connectivity between various application scenarios. They are a set of rules to govern about connectivity including sharing data between devices. For example, there is the Phone Book Access Profile (PBAP) to enable access to a user’s phone book, while the Message Access Profile (MAP) provides access to text messages.
Researchers also noticed that this vulnerability doesn’t work with iOS devices. Moreover, this zero-day vulnerability is due to the negligence of a mobile vendor company which has over 100 million Android devices working around the world.
Surprisingly, the researchers notified Google and Android Open Source Project (AOSP) about the Bluetooth vulnerability, but the issue is still there.

BlueRepli Working

The attackers gain access to Android devices primarily through two techniques:
  1. The most common is through the familiar dialogue box which appears when a device requests to send or receive data. A yes/no dialogue box to accepts the connection or a six-digit number is presented to secure connection.
  2. ‘Just Works’ Attack: With this technique, the attackers needs no interaction with the victim to penetrate the device. This Bluetooth technique called the ‘just works,’ can bypass the need for user interaction to establish a connection, getting escalation of privileges. This attack can happen with several other methods.
The first is a deception-based attack where the attacker may secure a connection through pretending to be a Bluetooth device or a trusted application like Skype (just say). The attacker first gets the target device’s Bluetooth address by simple scanning. Then, by impersonating, the attackers request to gain access to phonebook or SMS. After gaining these privileges, the attackers can exfiltrate sensitive information without the victim’s knowledge.

BlueRepli Modus Operandi
BlueRepli Modus Operandi

The other way to execute just works attack is through a vulnerability-based technique where the threat actor gathers two Bluetooth device addresses by scanning. The first address is the target’s Bluetooth address, while the second is the address of the Bluetooth device that has gained access to the target device, like Bluetooth headsets. The attacker tricks the target device by impersonating as the ‘headset’ by changing his address to that of the second Bluetooth address. Eventually, obtaining access to the phonebook and SMS of the host device.
“Data will be passed back to the attacker without the victim’s knowledge,” Xu said.

Safety Measures

  • Bluetooth vulnerabilities are due to the negligence of the operating system’s vendor. And once known the company quickly releases a patch to protect its users. Therefore, always keep your Android devices’ firmware up to date to update the threat definitions of the devices.
  • Many people keep their Bluetooth turn ON, even when not using it for any purpose. This always keeps them vulnerable to such attacks. So it is necessary to keep your Bluetooth, and for that case WiFi too, turned OFF to prevent an attacker to gain control over your Android device to perform his nefarious activities.
Previous articleHuman Centric Design
Next articlePERSONA 4 : GOLDEN
- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Watch Dogs: Legion and Albion Targeted by Egregor Ransomware

In this topic, we will see about the Data breach held in Watch Dogs: Legion and Albion, and How...
- Advertisement -

Metaspoilt Framework, A popular Tool among Cyber Criminals

First, in this topic, we will see, What is the Metasploit Framework? 1) What is the Metasploit Framework? Metasploit Framework is a widely used penetration testing...

Watch Dogs: Legion and Albion Targeted by Egregor Ransomware

In this topic, we will see about the Data breach held in Watch Dogs: Legion and Albion, and How was the Breach conducted? Data...

More Articles Like This

- Advertisement -