Researchers have discovered serious vulnerabilities in Bluetooth devices from 10 major manufacturers that allow cybercriminals to remotely activate microphones and eavesdrop on conversations. Millions of gadgets worldwide are at risk.
G. Ostrov
A team of cybersecurity researchers has identified critical vulnerabilities in the Bluetooth stack of devices from ten leading electronics manufacturers. These vulnerabilities allow attackers to remotely access device microphones without users' knowledge.
Scale of the Problem
Devices from brands such as Samsung, Apple, Sony, LG, Huawei, Xiaomi, OnePlus, Motorola, Nokia, and Google are at risk. Researchers estimate the number of potentially vulnerable devices at several billion units worldwide.
Attack Mechanism
Attackers can exploit vulnerabilities in the Bluetooth protocol to establish a hidden connection with the target device. After successful connection, they gain the ability to activate the microphone and transmit audio data to a remote server.
Particularly dangerous is that the attack can be conducted unnoticed by the user - no visible indicators of microphone activity are displayed.
Protection Recommendations
Experts recommend users to:
- Turn off Bluetooth when not in use
- Regularly update device firmware
- Use Bluetooth "invisible" mode
- Check the list of connected devices
- Avoid pairing with unknown devices
Manufacturers' Response
Most affected manufacturers have already released or are preparing security patches. Users are strongly advised to install all available security updates.
This research emphasizes the importance of regular security audits of wireless protocols and the need for stricter protection standards in IoT devices.
More details about the research can be found on the official Habr website.
If you have any problems, contact us, we will help quickly and efficiently!