Research: Bluetooth Impersonation Attacks (BIAS) are the latest cybercrime threat. The attacks exploit unpatched security bugs in chips to steal sensitive data
They've been dubbed BIAS (Bluetooth Impersonation Attacks) and are the latest cybercrime threat. According to cyber security experts, unpatched security bugs in Bluetooth chips allow attackers to spoof paired devices, posing as a trusted endpoint. This lets malicious actors obtain sensitive data. The bugs allow BIAS on everything from internet of things (IoT) devices to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. Threatpost reports that the post-pairing connections are enabled because the devices perform a background check to make sure both possess the long-term key. This is done using the Legacy Secure Connections or Secure Connections protocols inside the Bluetooth specification, which verify three things: the two devices' addresses and the shared long-term key. So, an attacker can change his Bluetooth address to mimic either of the two addresses, but he cannot prove the ownership of.
The cyber security experts: Threat actors can exploit several attack scenarios, especially for device pairs that use the older Legacy Secure Connections to bond
According to the cyber security researchers, several bugs exist in these processes, opening the door for BIAS gambits while that post-pairing connection is being carried out. The problems include: the Bluetooth secure connection establishment is neither encrypted nor integrity-protected; Legacy Secure Connections secure connection establishment does not require mutual authentication; a Bluetooth device can perform a role switch anytime after baseband paging; and devices that paired using Secure Connections can use Legacy Secure Connections during secure connection establishment. Moreover, cybercriminals can exploit several attack scenarios, especially for device pairs that use the older Legacy Secure Connections to bond.
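The weaknesses listed above map onto checks a host can apply when a bonded peer reconnects. The following is an added example, not code from the researchers or from any Bluetooth stack; the record fields, finding names and sample sessions are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Bond:
    """What the host stored when the long-term key was created (hypothetical record)."""
    peer_addr: str
    paired_with_secure_connections: bool

@dataclass(frozen=True)
class Session:
    """One reconnection attempt as seen by the host (hypothetical record)."""
    peer_addr: str
    procedure: str                 # "secure" or "legacy"
    peer_proved_key: bool          # peer answered our challenge with the long-term key
    role_switch_before_auth: bool  # roles changed after paging, before authentication

def audit(bond: Bond, s: Session) -> list[str]:
    """Return the reasons a reconnection must not be treated as the bonded peer."""
    findings = []
    if s.procedure not in ("secure", "legacy"):
        findings.append("unknown-procedure")
    # The address must match a bond, but a match alone proves nothing.
    if s.peer_addr.lower() != bond.peer_addr.lower():
        findings.append("address-not-bonded")
    # Bond was created with Secure Connections, reconnection fell back to legacy.
    if bond.paired_with_secure_connections and s.procedure == "legacy":
        findings.append("downgrade-to-legacy")
    # Legacy authentication is one-way; insist that the peer was the one challenged.
    if not s.peer_proved_key:
        findings.append("peer-not-authenticated")
    # A role switch before authentication lets the peer choose who gets challenged.
    if s.role_switch_before_auth:
        findings.append("role-switch-before-auth")
    return findings

# Constructed sessions for a constructed bond.
BOND = Bond("00:11:22:33:44:55", paired_with_secure_connections=True)
SESSIONS = {
    "normal": Session("00:11:22:33:44:55", "secure", True, False),
    "suspect": Session("00:11:22:33:44:55", "legacy", False, True),
}

def report() -> dict[str, list[str]]:
    return {name: audit(BOND, s) for name, s in SESSIONS.items()}

if __name__ == "__main__":
    for name, findings in report().items():
        print(name, "ACCEPT" if not findings else "REJECT: " + ", ".join(findings))
```

Both constructed sessions carry the bonded address; only the second is rejected, because the address is the one value of the three that the peer does not have to prove.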