Android's new Bluetooth vulnerability

The constant confrontation between hackers andcybersecurity experts continue to surround the Android operating system, which Google engineers are striving to protect in every way from computer crackers. Nevertheless, Android vulnerabilities are periodically identified that compromised the confidential data of the owners of compromised devices.

ERNW Cybersecurity Experts 3 moreNovember revealed and reported critical vulnerabilities affecting the Bluetooth function. The vulnerability under the code CVE-2020-0022 was named BlueFag and was fixed in the February patch of the security update. This vulnerability could lead to identity theft and could potentially be used to spread malware.

Vulnerability does not work with Android 10 bytechnical reasons and threatens users of smartphones with Android 8 Oreo and Android 9 Pie operating systems. Attackers located next to the owner of the smartphone can quietly transfer malware to the victim’s smartphone.

No user interaction is required, and only the MAC address of the victim’s Bluetooth devices should be known. For some devices, the Bluetooth MAC address can be determined from the WiFi MAC address.

For devices running Androidyounger than version 8, this vulnerability could also work, but ERNW experts did not study this issue. Experts recommend updating the security system until the last February update and turning on Bluetooth only as a last resort.

Source: Engadget