06:51 GMT +310 December 2019
Listen Live
    A man wears Alexa-infused wireless Echo earbuds that will synch with smartphones at Amazon's headquarters in Seattle on September 25, 2019

    Android Users Warned Hackers Could Use Wireless Earbuds to Hack Into Phones

    © AFP 2019 / Glenn CHAPMAN
    Tech
    Get short URL
    181
    Subscribe

    There are several common-sense ways to reduce your exposure to hackers looking to snoop on your private conversations and data, some more obvious than others.

    Tech security researchers from Perdue University and the University of Iowa have discovered a major flaw in several popular Android-based phones allowing hackers to crack phones using wireless accessories such as wireless earbuds.

    According to the report, hackers can gain access to your phone using its baseband firmware, the software designed to interface with Bluetooth and USB accessories, sending commands to the gadget asking it to reveal its unique identifiers. Once access is gained, hackers can transfer the phone to an insecure connection, subsequently allowing them to intercept calls, access the phone’s data, or even shut the phone down altogether by blocking phone network and internet access.

    The vulnerability is said to affect close to a dozen major smartphone lines, including Google’s Pixel 2, Samsung’s Galaxy S8+ and Huawei’s Nexus 6P.

    Researchers created a special tool which they called ‘ATFuzzer’, designed to snoop out potentially harmful commands to the baseband firmware, discovering that there were a total of 14 commands which could allow hackers to steal data or take control of the device. Various phones are said to have various vulnerabilities.

    Speaking to TechCrunch, study coauthors Syed Rafiul Hussain and Imtiaz Karim explained that “the attacks can be easily carried out by an adversary with cheap Bluetooth connectors or by setting up a malicious USB charging station,” meaning close proximity is typically necessary. “If your smartphone is connected with a headphone or any other Bluetooth device, the attacker can first exploit the inherent vulnerabilities of the Bluetooth connection and then inject those malformed AT commands,” the researchers added.

    Stay Alert, Stay Safe

    There are a number of ways to make yourself less vulnerable to this kind of hacking, the most basic of which is promptly installing security updates to your phone as manufacturers release new updates to close vulnerabilities. Others include regularly changing your password, or simply refraining from discussing sensitive topics over the phone, and changing the privacy settings on your data. Another good idea is to avoid public USB-based chargers, if possible.

    Related:

    Huawei to Reportedly Summon Prized Hackers to Germany for Undercover Bug Bounty Talks
    Hacker Publishes Database of Account Data From Neo-Nazi Forum Iron March
    Suspected North Korean Hackers Took Aim at Indian Space Agency – Report
    UK's MI5 Runs Operation to Shield Parliamentarians' Phones From 'Russian Hackers' - Reports
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik