Tech
A Bluetooth vulnerability enables hackers to take over your headphones
The BIAS hack allows attackers to spoof the identity of a previously paired device to gain access to another.
Academics have revealed a new vulnerability that could allow an attacker to take control of your Bluetooth devices. Vendors of Bluetooth hardware from Apple to Samsung and every company in between is expected to release firmware updates in the coming months that will address the issue.
Codenamed "BIAS," the flaw resides in the way Bluetooth devices are paired. After you've successfully paired devices — like a set of headphones, to another, like your phone — you're able to pair them again in the future without going through the same setup process because they share a special pairing key. Researchers say they were able to spoof the identity of one of these devices so they could connect to the other.
The attack requires being in close proximity to a victim, sure, but pairing to a Bluetooth device without permission could grant a hacker unauthorized access to data from the device or control over its functioning in the case of something like a wireless mouse. Or worse, if an attacker can control your headphones they could start playing Nickelback through them without your permission. Terrifying.
A fix is coming — The good news is that the group that disclosed this vulnerability did so after alerting the Bluetooth Special Interest Group (Bluetooth SIG), which develops the Bluetooth protocol. SIG has already released an updated specification that prevents the BIAS attack from working by forcing all Bluetooth connections to be authenticated over a secure method. The attack worked in essence by downgrading Bluetooth to an old-school authentication method.
Even if a device is running in a secure authentication mode, though, attackers could still use BIAS in combination with the previously-disclosed KNOB hack to force access. You can imagine the danger if a hacker is able to intercept sensitive information transferring between your devices, such as plaintext login credentials. To be fully secure from these hacks, your Bluetooth device also needs to receive patches against KNOB.
If you're interested in learning how BIAS works, the video below goes into great detail.
