Researchers Discover Vulnerability in Bluetooth Headphones That Can Take Control of Smartphones
Bluetooth Security Vulnerability Endangers Smartphones
Quick Overview
- Recently discovered flaws in Bluetooth chips may jeopardize smartphones.
- The Airoha SoC found in numerous headphones has been identified as vulnerable.
- Intruders could connect silently and listen in via the headphones' microphones.
- The RACE protocol can be exploited for memory dumping and key extraction.
- Devices from manufacturers like Sony and JBL are implicated.
- Airoha has issued a software update to rectify the problem.
- Users are urged to update their devices and eliminate outdated pairings.
- Individuals at high risk should consider using wired headphones.
Identifying the Vulnerability
Experts from Germany’s Enno Rey Netzwerke (ERNW) have identified serious flaws in a commonly used Bluetooth system-on-a-chip (SoC). These flaws allow an attacker in close proximity to indirectly compromise smartphones over Bluetooth Classic and Bluetooth Low Energy connections.
Covert Connection and Eavesdropping
The vulnerabilities enable attackers to silently connect to Bluetooth headphones and activate their microphones without user approval. This presents a major risk, as attackers may overhear conversations and gather confidential information.
Exploiting the RACE Protocol
Another critical element of the vulnerability is the exposure of the Remote Access Control Engine (RACE) protocol used in Airoha chips. With access to this protocol, attackers can dump the headphones' persistent flash memory and extract link keys, allowing for unauthorized Bluetooth connections.
Effects on Mobile Devices
Once the keys are extracted, attackers can deceive a mobile phone into treating them as a legitimate Bluetooth device. This also makes it possible for them to invoke voice assistants such as Siri and Google Assistant to send texts, initiate calls, and carry out various other tasks.
Extensive Range of Impacted Devices
The Airoha SoC is frequently found in devices from notable brands such as Sony and JBL, exposing a wide array of headphones to these vulnerabilities. In contrast, Apple’s AirPods, which use a proprietary Bluetooth SoC, remain unaffected.
Mitigation Strategies and Suggestions
Airoha has been alerted and has provided an updated software development kit (SDK) to address these vulnerabilities. Users are strongly encouraged to update their devices promptly and to clear any old or redundant Bluetooth pairings to minimize the risk of compromise.
Specific Advice for High-Risk Individuals
For those in sensitive roles, such as journalists, diplomats, and politicians, ERNW researchers recommend wired headphones as a safer alternative to prevent possible attacks.
Conclusion
This recently discovered Bluetooth vulnerability emphasizes the necessity for regular software updates and cautious usage of wireless devices. Given the extensive array of at-risk devices, proactive actions are essential for protecting personal and sensitive information.