thetechxp is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission.

Someone can unlock your phone, smart locks and car by using this flaw

Advertisements

This vulnerability affects hundreds of thousands of Bluetooth Low Energy (BLE) devices.

(Image credit: Sebastian Scholz (Nuki)/Unsplash)

Mobile phones, smart watches, laptops, smart locks, and even cars might all be compromised via a newly identified weakness in the Bluetooth Low Energy (BLE) protocol.

By exploiting the hole uncovered by the NCC Group, the first link layer relay assault was successfully carried out. When the Tesla Model 3’s key fob was out of range, the firm utilised a relay attack tool to unlock and even drive the vehicle.

Advertisements

Bluetooth proximity authentication systems (which are used to unlock devices within a particular range) can be easily hacked using cheap off-the-shelf hardware, which makes this vulnerability a worry. A Bluetooth developer board and ready-made apps can be used by an attacker without any knowledge of coding.

According to a press statement from NCC Group, Sultan Qasim Khan, a senior security consultant and researcher, further explained the research he conducted into this new BLE vulnerability and how it can even overcome encryption.

It’s not only that we can convince a Bluetooth device that we are near it—even from hundreds of miles away—but that we can accomplish it even if the vendor has taken defensive mitigations like encryption and latency bounding to purportedly safeguard these conversations from attackers at a distance. It just takes 10 seconds, and you can keep doing it indefinitely. As a result of this research, Bluetooth Low Energy security has been fundamentally rethought by developers and customers alike,” the researchers write in a press release.

Advertisements

There is a large area of potential attack.

The attack surface for this vulnerability has grown enormously due to the widespread use of Bluetooth Low Energy in both consumer and corporate devices.

Auto keyless entry systems in other models of Tesla and Y could be exploited to allow an attacker to gain access to a victim’s vehicle and take control of it. Additionally, laptops and smartphones equipped with the Bluetooth proximity unlock capability are also vulnerable.

Advertisements

If you’ve changed from a standard lock to a smart lock, even your own home could be burgled. Kwikset/Weiser Kevo smart locks were effectively attacked by the NCC Group, which has made this information available to the corporation. Both large and small firms’ access control systems can be compromised by an intruder pretending to be a legitimate employee in order to get access to sensitive areas.

Critical systems aren’t recommended for use here.

As Wibree, Bluetooth Low Energy was first created by Nokia in 2006 with the goal of delivering lower power consumption and costs while maintaining a similar range to that of present Bluetooth devices. As an example, Bluetooth Low Energy (BLE)-enabled headphones could last longer before needing a recharge.

Advertisements

BLE-based proximity authentication was not intended for use in critical systems like vehicle locks or smart locks, as noted by the NCC Group.

Neither a standard bug that can be corrected with a software patch nor a flaw in the Bluetooth specification itself causes this new vulnerability, which is a shame.

Defending yourself from BLE-based attacks

Advertisements

Using this issue in the wild, the NCC Group suggests that you disable passive unlocking on your devices and switch off Bluetooth capability when it isn’t necessary to protect yourself from hackers.

Using data from an accelerometer, manufacturers can disable key functionality in a user’s phone or key fob after it has been stationary for some time. As a key fob for cars that enable Bluetooth Low Energy (BLE), system vendors should give consumers the option of adding a second factor of authentication or user presence attestation by tapping an unlock button in an app on the phone.

For further information on the Bluetooth Special Interest Group (SIG), Tom’s Guide contacted them and received this statement:.

Advertisements

There are a number of security elements in the Bluetooth Specification (SIG) that developers can use to safeguard communications between Bluetooth devices and implement acceptable levels of security for their products. During the creation of any Bluetooth specifications, security is a consideration.

Bluetooth is an open standard, and the Bluetooth SIG encourages security researchers to actively evaluate the specifications. A vulnerability response programme, in conjunction with the security research community, is another service provided by the SIG to the developer community to assist them in implementing the necessary level of security in their Bluetooth devices. There are a number of resources available to help developers make the right security decisions for their Bluetooth-enabled products and solutions.”

Automobile manufacturers and device manufacturers are likely to begin developing defences against the new attack type now that the NCC Group has successfully carried out a link layer relay attack against BLE. To protect your devices until this vulnerability is being addressed, you should disable Bluetooth whenever you aren’t using it.

Advertisements

Leave a Comment