How Hackers Can Access Your Mobile Data
Smartphone users with Bluetooth connectivity now have another thing to worry about as a new flaw has been discovered that makes smartphones and devices running on Bluetooth vulnerable to hacks.
Lior Neumann and Eli Biham of the Israel Institute of Technology were the first to find the flaw. It was later flagged by the Carnegie Mellon University CERT. According to the research, Bluetooth components from Apple, Broadcom, Intel and Qualcomm have been affected. some Android devices have also been affected.
When two users are trying to connect using Bluetooth, they need to validate their cryptographic keys to enable a secure connection. This flaw allows an attacker to create a fake public key to insert their device in between the two Bluetooth devices so as to trick a user into giving access. This way, the hacker can inject their own messages and gain access to any sensitive information the user might have – usually referred to as the man-in-the-middle attack.
the flaw, which is being tracked as CVE-2018-5383, affects Bluetooth’s Secure Simple Pairing and Low Energy Secure Connections.
The primary reason this flaw occurs is because some smartphone vendors’ Bluetooth implementations do not properly validate the cryptographic key exchange when Bluetooth devices are trying to pair.
The mobile hacker must also be able to intercept the valid public keys being exchanged by the two Bluetooth devices, before imitating the transmissions. Basically, he needs to make sure that he intercepts a valid connection request by both the users so that the hacker can make both the users think that they have connected.
Apple announced a fix for this when it released a patch for the flaw in July. Microsoft has said the Windows systems aren’t affected directly, but the report suggests that there are many wireless chip modules for Windows 7, 8.1, and 10 products that come in the list of affected modules.
you can always hire professional hacker to do many jobs
Users have been told to upgrade to the latest firmware and also check with vendors if they have any updates. Dell and Lenovo have released new drivers to fix this flaw in Intel software, with others working on their updates to fix the flaw. and some professional hacker are also working on it