They may be using your cell phone's Bluetooth to steal from you without you knowing; avoid it
He Bluetooth It can be a means of attack that hackers could use. This is what could be happening in certain Android devices. We are going to tell you how they do it and, most importantly, what you should do to protect yourself. If you suffer a cyber attack of this type, they could even perform keystrokes and, furthermore, they do not require your permission. This is what is called a zero-click attack.
A zero click attack This is when the cybercriminal does not need the victim's interaction. It does not require you to click on any link or accept anything. This makes them more dangerous, as it can catch the victim off guard, without them knowing that they may be in danger. Therefore, it is essential to protect the devices.
Bluetooth zero click attack
Specifically, it has been a security researcher, Mobile Hacker, who has shown that there are Android devices with certain vulnerabilities. These security flaws, if not fixed, can allow an attacker to exploit Bluetooth and deliver malicious payloads. It carried out tests, through exploitation scripts, to take advantage of these flaws.
These exploitable vulnerabilities have been registered as CVE-2023-45866, CVE-2024-21306 and CVE-2024-0230. Basically, they allow the linking of emulated keyboards via Bluetooth. In this way, the attacker could perform a keystroke injection, without the victim being aware of it.
Now, as we said, the most serious problem behind this is that the attack is carried out without the interaction of the victim. The device simply needs to be within the range of Bluetooth connection. From there, they can perform these key injections and the victim will not notice anything.
Another problem is that this can affect many Android devices, especially older ones that no longer receive updates. In fact, they have detected that it mainly affects old versions of the Android operating system. This is where there can be more problems if they are not corrected.
How to avoid these errors
So what can you do to protect yourself from these vulnerabilities that affect Android Bluetooth? The first, most important thing, is update the system. If you have all the patches installed, you should fix bugs of this type. Now, there are devices that, after a while, stop sending updates. In that case the problem could persist.
If you have an older Android device that no longer receives security updates, it is likely vulnerable to these flaws and you cannot fix them. In that case, it is best turn off Bluetooth as long as you don't need it. Attackers, in order to exploit these vulnerabilities, need to be within range of the Bluetooth connection and have it activated. If it isn't, they couldn't do anything. Just like attacks like Bluejacking, having your devices updated is the best protection.
Therefore, your Bluetooth devices may be vulnerable to this security issue that would allow an attacker to inject keystrokes without you knowing. They will simply need to be within range of Bluetooth, so you could disconnect it, in addition to updating the system.
