Wednesday, September 16, 11:54

BLESA: billions of devices vulnerable to Bluetooth security flaw

A new security flaw, discovered over the summer, affects billions of devices that use Bluetooth technology, such as smartphones, tablets, laptops and IoT devices. The flaw is known as BLESA (Bluetooth Low Energy Spoofing Attack) and affects devices that use the Bluetooth Low Energy (BLE) protocol.

The BLE protocol is a lighter version of the original Bluetooth (Classic) standard, designed to save battery power while keeping Bluetooth connections alive for as long as possible. BLE has been adopted on a large scale over the last decade and is found in the majority of battery-powered devices because of the energy savings it offers.

Because of the protocol's high profile, security researchers have repeatedly examined it for security gaps in recent years, often discovering serious vulnerabilities.

A team of seven academics from Purdue University set out to investigate a part of the BLE protocol that plays a key role in day-to-day operation but has rarely been analyzed for security issues.

The research focused on the "reconnection" process, which takes place after two BLE devices have authenticated each other during pairing.

Reconnections occur when Bluetooth devices move out of range and later come back into range. Normally, when reconnecting, the two BLE devices need to check each other's cryptographic keys before they continue exchanging data over BLE.

However, the Purdue research team found two systemic issues in the BLE protocol that show up in BLE software implementations:

  • Authentication during device reconnection is optional rather than mandatory.
  • Authentication may be bypassed if the user's device does not require the IoT device to authenticate the reported data.

These two issues make a BLESA attack possible. A nearby attacker bypasses the reconnection verification and sends spoofed data containing incorrect information to a BLE device, leading human operators and automated processes to make wrong decisions.
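The difference between optional and mandatory reconnection authentication, as an added example that is not taken from the Purdue research or from any BLE stack. It is a simplified model: an HMAC challenge stands in for BLE link encryption, and the class names, address and sensor values are constructed.

```python
import hashlib
import hmac
import os

class Peripheral:
    """Constructed model of a BLE peripheral that reports a sensor value."""
    def __init__(self, address, key, value):
        self.address, self.key, self.value = address, key, value

    def prove(self, nonce):
        # Assumption: HMAC over a nonce stands in for BLE link encryption
        # and proves possession of the key shared during pairing.
        return hmac.new(self.key, nonce, hashlib.sha256).digest()

class Central:
    """Constructed model of the user's device (for example a phone)."""
    def __init__(self, require_auth):
        self.require_auth = require_auth
        self.bonds = {}  # address -> key stored at pairing time

    def pair(self, peripheral):
        self.bonds[peripheral.address] = peripheral.key

    def reconnect_and_read(self, peripheral):
        """Return (value, authenticated); raise if policy rejects the peer."""
        key = self.bonds.get(peripheral.address)
        authenticated = False
        if key is not None:
            nonce = os.urandom(16)
            expected = hmac.new(key, nonce, hashlib.sha256).digest()
            authenticated = hmac.compare_digest(expected, peripheral.prove(nonce))
        if self.require_auth and not authenticated:
            raise PermissionError("reconnection not authenticated; data rejected")
        return peripheral.value, authenticated

def demo():
    key = os.urandom(16)
    sensor = Peripheral("AA:BB:CC:DD:EE:FF", key, "21.5 C")
    # Same claimed address as the sensor, but without the bonded key.
    impostor = Peripheral("AA:BB:CC:DD:EE:FF", os.urandom(16), "85.0 C")
    results = {}
    for name, central in (("optional", Central(False)), ("mandatory", Central(True))):
        central.pair(sensor)
        results[name, "sensor"] = central.reconnect_and_read(sensor)
        try:
            results[name, "impostor"] = central.reconnect_and_read(impostor)
        except PermissionError as exc:
            results[name, "impostor"] = ("rejected", str(exc))
    return results
```

With authentication optional, the central returns the unauthenticated value to the application; with it mandatory, the same reconnection is rejected before any data is used.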

Purdue researchers said they analyzed many software stacks that have been used to support BLE communications on various operating systems.

The researchers found that BlueZ (on Linux-based IoT devices), Fluoride (Android) and the iOS BLE stack were all vulnerable to BLESA attacks, while BLE on Windows devices was safe.

For Linux-based IoT devices, the BlueZ development team said it would remove the section of code that leaves devices vulnerable to BLESA attacks and replace it with code that implements proper reconnection procedures.

The downside is that repairing all vulnerable devices will be extremely difficult for system administrators, and repairing some devices may not even be an option.

Some resource-constrained equipment sold over the last decade does not come with a built-in update mechanism, which means that these devices will remain exposed to attack.

Attackers can use denial-of-service bugs to take devices offline, trigger a reconnection on demand, and then perform a BLESA attack. It is impossible to protect BLE devices from disconnections and signal drops.

Based on previous BLE usage statistics, the research team estimates that the number of devices using vulnerable BLE software stacks is in the billions. For now, all that users of devices running this software can do is wait for the relevant updates to be released.



Absent Mia