Zero-Click Bluetooth Attack: A Growing Threat for Unpatched Android Phones
A security researcher, known as 'Mobile Hacker', has shown how vulnerable unpatched Android phones are. In their demonstration, they revealed a potentially devastating zero-click attack that exploits newly uncovered Bluetooth vulnerabilities to install intrusive payloads via Metasploit, a popular penetration testing framework, onto devices that haven't received their latest patches.
'Mobile Hacker' used proof-of-concept (PoC) exploitation scripts which were released by Marc Newlin earlier this month. These scripts are freely accessible on GitHub and take advantage of the weaknesses tracked as CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230 (more info). They effectively force-pair emulated keyboards through Bluetooth to different OS architectures, thereby enabling keystroke injection.
What's truly alarming about these scripts is they work on devices where Bluetooth is enabled and active, meaning they're in an unlocked state. The attack can spring from another mobile device within Bluetooth range without requiring any interaction with the victim or leaving any noticeable signs of a breach. This vulnerability highlights the importance of keeping our devices updated and vigilant against potential threats lurking in our digital space.
These attacks are as stealthy as they sound and can impact unpatched Android phones. Let's dive deeper to understand this modern menace.
Zero-click attacks, for those who may not know, are cyber threats that don't require any interaction from the victim - no clicking on suspicious links or downloading rogue applications. The hacker needs proximity to execute these nefarious actions via Bluetooth. The vulnerability in question impacts a range of operating systems across different devices but it's especially concerning for older Android versions.
Why is this so? Well, consider the fact that most Android vendors stop supporting devices after only two years and follow infrequent updating circles (quarterly at best). This means security updates get delayed sometimes for months making these devices ripe targets for hackers exploiting Bluetooth vulnerabilities.
To give you a clearer picture, all Android devices running version 10 and older are vulnerable to these Bluetooth flaws. They're essentially sitting ducks for zero-click attacks unless patched immediately. As for newer versions like Android 11 to 14 which have active support, the flaws were addressed in the December 2023 patch.
Unlike their Android counterparts though Apple's iPhones had their flaws fixed by iOS update 17.2 but left previous versions used by older models exposed. MacOS fixed its flaw in version 14.2 while Microsoft issued fixes for Windows 10,11 and Server 2022 in their January 'Patch Tuesday' release of updates in 2024. Older macOS versions like 12 and 13 are vulnerable, and no fixes will be made available.
If you are unable to upgrade to a safe version I recommend either disabling Bluetooth or keeping their phones locked when in public spaces with many people nearby.Advertisement