A highly critical vulnerability has been uncovered that affects some Bluetooth devices. By exploiting it, an unauthenticated remote hacker in physical proximity to the targeted devices could easily intercept, monitor or manipulate the traffic they exchange.
CVE-2018-5383 is the identifier of this new vulnerability. It relies on two Bluetooth features: Bluetooth Low Energy (LE) implementations of Secure Connections Pairing, and BR/EDR implementations of Secure Simple Pairing in device firmware. It affects firmware or operating system software drivers from some major vendors, including Apple, Broadcom, Intel, Qualcomm, Google, Android, and Linux.
This is how the hack works:
Researchers discovered that the Bluetooth specification does not mandate that devices supporting these two features (LE Secure Connections and BR/EDR Secure Simple Pairing) validate the public encryption key received over the air during secure pairing.
Because this validation is optional, some vendors' implementations do not sufficiently validate the parameters used to generate public keys during the Diffie-Hellman key exchange.
Companies and individuals must take certain precautions against this growing wave of cyber attacks; at a minimum they should implement a cybersecurity solution, such as an antivirus, to protect their systems. Essentials include regularly updating the operating system and using an antivirus for Windows or an antivirus for Mac, depending on which OS the device runs. Companies should also hire professional cybersecurity firms to check their internal network a couple of times per year. These checkups must always include a penetration test and various ethical hacking tests.
If a hacker is within range of the targeted devices during the pairing process, he can launch a man-in-the-middle attack to obtain the cryptographic key used by the devices; with the key in hand he can retrieve data and inject malware.
CERT/CC has also released a security alert that includes additional technical details about the Bluetooth vulnerability and the attack method.
According to CERT/CC, Bluetooth uses a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted communication between devices.
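The missing check described above is the point-validation step of ECDH: before using a peer's public key, a device must confirm that the received (X, Y) coordinates actually lie on the agreed curve. The following is an added example, not code from the article or from any vendor's stack; it uses the published NIST P-256 parameters (the curve Bluetooth Secure Connections and Secure Simple Pairing use) and assumes the 64-byte little-endian X||Y layout of the pairing public-key frame. The sample keys in the test are constructed.

```python
# Added example (not from the original article): validate a peer's ECDH
# public key against NIST P-256 before it is used in pairing. The curve
# constants are the published P-256 domain parameters.
from typing import Optional, Tuple

P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
# Generator point, used here only as a known-good key for testing.
P256_GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
P256_GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5


def is_valid_p256_public_key(x: int, y: int) -> bool:
    """Return True only if (x, y) is an affine point on P-256.

    A peer can send arbitrary coordinates over the air; an implementation
    that skips this check will run the key exchange with a point that is
    not on the curve, which is exactly what CVE-2018-5383 exploits.
    """
    # Both coordinates must be field elements in [0, p).
    if not (0 <= x < P256_P and 0 <= y < P256_P):
        return False
    # The point at infinity has no affine encoding, so any (x, y) that
    # satisfies the curve equation y^2 = x^3 + a*x + b (mod p) is a
    # finite, valid point.
    lhs = (y * y) % P256_P
    rhs = (x * x * x + P256_A * x + P256_B) % P256_P
    return lhs == rhs


def public_key_from_pairing_bytes(xy: bytes) -> Optional[Tuple[int, int]]:
    """Decode a 64-byte X||Y public key (assumed little-endian, as in the
    Bluetooth pairing public-key PDU) and return it only if it validates.

    Returns None when the key must be rejected; callers should abort the
    pairing in that case instead of deriving a shared secret.
    """
    if len(xy) != 64:
        return None
    x = int.from_bytes(xy[:32], "little")
    y = int.from_bytes(xy[32:], "little")
    return (x, y) if is_valid_p256_public_key(x, y) else None
```

A device that applies this check rejects the off-curve points an attacker would need, so the ECDH shared secret is never computed on untrusted input.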
This is how you stay safe and secure:
To eradicate this vulnerability, the Bluetooth SIG now requires products to validate public keys received as part of public-key-based security procedures.
Patches are needed in both firmware and operating system software drivers; they will soon be available from the vendors and developers of the affected products and should be installed as soon as possible.
Apple and Intel have already released patches for this security vulnerability. Apple fixed the bug with the release of macOS High Sierra 10.13.5, iOS 11.4, watchOS 4.3.1, and tvOS 11.4.
Intel released its patches for the Dual Band Wireless-AC, Tri-Band Wireless-AC, and Wireless-AC product families.
Broadcom also says it has already made fixes available to its OEM customers, who are now responsible for providing patches to end users.
Remember that every device holds significant value that must be protected by at least a cybersecurity solution such as an antivirus. Depending on which OS your device runs, install an antivirus for Windows or an antivirus for Mac for full protection. Companies should take an extra step and hire a professional cybersecurity firm to run various cybersecurity tests on the company's network so that only the best possible cybersecurity solution is implemented. Always opt for a package that includes at least a penetration test and an ethical hacking test. For companies that exist 100% online, we recommend using cyber-secured web hosting services.