Cyber attacks are evolving day by day. Recently, a group of researchers unveiled a new threat that can use the shared data from WiFi and from other parts of Bluetooth.
The famous cyber security news covering platform, Bleeping Computer was the first to cover this vulnerability. The findings linked with these attacks were shared at two universities namely, University of Brescia and the University of Darmstadt. According to the researchers, Bluetooth is able to divert WiFi traffic load while collecting network passwords. The reason behind this is that both Bluetooth and WiFi shares same belongings such as an antenna.
In order to identify more about this vulnerability, 9 Common Vulnerabilities and Exposure shortly known as CVE are planted. Manufacturers of the devices used as a target as well as the special interest group of Bluetooth have been notified by the research committee.
The only thing that needs to be done by the attacker to use such weaknesses against other devices is to compromise just a single wireless circuit. This step would enable the hackers to get their hands on the code for WiFi once the Silicon chip of Bluetooth has been compromised completely.
Such attacks cannot be stopped from happening, this is due to the fact that such chips are connected via a hard wire interface, as a result, the operating system handler is unable to stop it from happening. Although this vulnerability was reported 2 years back and yet it still continues to be susceptible for attack.
However, these strikes were more effective against previous iOS version iOS 14.7 and Android 11 which is now replaced with iOS 15 and Android 12 respectively. Other devices were also used to study more about the threat. The findings collected from other devices were also shared by the research team.
The research team added that despite telling the relative authorities about the threat, no such measures are being taken to prevent it from happening, instead they only rolled out minor changes, this is because in order to fix the vulnerability, these chips would be needed to get remodeled from scratch.
Read next: Microsoft product related login pages are commonly impersonated by cyber criminal
The famous cyber security news covering platform, Bleeping Computer was the first to cover this vulnerability. The findings linked with these attacks were shared at two universities namely, University of Brescia and the University of Darmstadt. According to the researchers, Bluetooth is able to divert WiFi traffic load while collecting network passwords. The reason behind this is that both Bluetooth and WiFi shares same belongings such as an antenna.
In order to identify more about this vulnerability, 9 Common Vulnerabilities and Exposure shortly known as CVE are planted. Manufacturers of the devices used as a target as well as the special interest group of Bluetooth have been notified by the research committee.
The only thing that needs to be done by the attacker to use such weaknesses against other devices is to compromise just a single wireless circuit. This step would enable the hackers to get their hands on the code for WiFi once the Silicon chip of Bluetooth has been compromised completely.
Such attacks cannot be stopped from happening, this is due to the fact that such chips are connected via a hard wire interface, as a result, the operating system handler is unable to stop it from happening. Although this vulnerability was reported 2 years back and yet it still continues to be susceptible for attack.
However, these strikes were more effective against previous iOS version iOS 14.7 and Android 11 which is now replaced with iOS 15 and Android 12 respectively. Other devices were also used to study more about the threat. The findings collected from other devices were also shared by the research team.
The research team added that despite telling the relative authorities about the threat, no such measures are being taken to prevent it from happening, instead they only rolled out minor changes, this is because in order to fix the vulnerability, these chips would be needed to get remodeled from scratch.
Read next: Microsoft product related login pages are commonly impersonated by cyber criminal