
Cybersecurity researchers have demonstrated a new attack technique that makes it possible to leverage a device’s Bluetooth component to directly extract network passwords and manipulate traffic on a Wi-Fi chip, putting billions of electronic devices at risk of stealthy attacks.

The novel attacks work against so-called “combo chips,” specialized chips equipped to handle different types of radio wave-based wireless communications, such as Wi-Fi, Bluetooth, and LTE.

“We provide empirical evidence that coexistence, i.e., the coordination of cross-technology wireless transmissions, is an unexplored attack surface,” a group of researchers from the Technical University of Darmstadt’s Secure Mobile Networking Lab and the University of Brescia said in a new paper.

“Instead of escalating directly into the mobile [operating system], wireless chips can escalate their privileges into other wireless chips by exploiting the same mechanisms they use to arbitrate their access to the resources they share, i.e., the transmitting antenna and the wireless medium.”

Coexistence refers to a mechanism wherein Bluetooth, Wi-Fi, and LTE share the same components and resources (e.g., antenna or wireless spectrum), which requires these communication standards to coordinate spectrum access to avoid collisions when operating on the same frequency. Chipset vendors use this principle to allow Wi-Fi and Bluetooth to operate virtually concurrently.
