New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

Comments Off on New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.

The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.

“An attacker can falsely indicate the proximity of Bluetooth LE (BLE) devices to one another through the use of a relay attack,” U.K.-based cybersecurity company NCC Group said. “This may enable unauthorized access to devices in BLE-based proximity authentication systems.”

Relay attacks, also called two-thief attacks, are a variation of person-in-the-middle attacks in which an adversary intercepts communication between two parties, one of whom is also an attacker, and then relays it to the target device without any manipulation.

To mitigate such attacks, researchers recommend requiring additional checks beyond just inferred proximity to authenticate key fobs and other items.

Read the full article here – https://thehackernews.com/2022/05/new-bluetooth-hack-could-let-attackers.html

Share this post

Author

Related Posts

24May

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit

A new research published by academics from KU Leuven,... read more

13May

Google Created ‘Open-Source Maintenance Crew’ to Help Secure Critical Projects

On Thursday, Google announced the creation of a new "Open... read more

02Jun

Weekly Cyber Roundup (May 27, 2022)

WEEKLY CYBER BITS 📅Twitter fined $150M for misrepresenting privacy... read more

12Apr

Microsoft’s New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date

Last week, Microsoft announced that it intends to make... read more

06Dec

White House Readies Plan to Boost Cybersecurity of Water Supply

Concerns around securing the U.S. water supply are taking... read more

31May

FBI Warns About Hackers Selling VPN Credentials for U.S. College Networks

"This exposure of sensitive credential and network access information,... read more

07Jun

10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users

10 of the most prolific mobile banking trojans have... read more

HIPAA Violations Penalties Fines Cybersecurity Healthcare 2022
19Oct

HIPAA Violations in 2022 : Penalties, Fines and Consequences

There are several levels of penalties for breaching HIPAA... read more

23Dec

The Internal Revenue Service (IRS) Is Making Progress On Securing Its Systems And Data

The Treasury Inspector General for Tax Administration released a... read more

Email Security, Phishing, Spam,
17Aug

Spot Scams & Phishing with these 10 Email Security Essentials

With every organization interacting primarily with emails, it is... read more