Fast Pair bug exposes millions of headphones and speakers to hijacking

A flaw in Google’s ‘Fast Pair’ protocol has left headphones, speakers and other devices that connect via Bluetooth vulnerable to attacks that allow access to and hijacking of these devices.

This security flaw stems from a defective implementation of the ‘Fast Pair’ function, which allows users to connect their Bluetooth devices to Android and ChromeOS devices more efficiently, pairing automatically, just as Apple AirPods do.

Researchers from the Computer Security and Industrial Cryptography group at KU Leuven University in Belgium have discovered that, through this system, cybercriminals can also connect to hundreds of millions of headphones and speakers to control their speakers and microphones or even track their location.

Specifically, there are 17 models affected by this security flaw, including brands such as Sony, Jabra, JBL, Marshall, Xiaomi, Nada, OnePlus, Soundcore, Logitech and Google. You can check if your device is vulnerable through this link.

The investigation, named ‘WhisperPair’, states that anyone within Bluetooth range of these devices (about 15 meters, according to the researchers' tests) could stealthily pair with audio peripherals and thus hijack them, even if they were already paired with another device.

“You walk down the street with headphones on and listening to music. In less than 15 seconds, we can hijack your device,” KU Leuven researcher Sayon Duttagupta explained in a statement to Wired.

“The attacker now owns this device,” added researcher Nikola Antonijevic, “and can basically do whatever he wants with it.”

GOOGLE RESPONSE

In response to this security flaw, Google has acknowledged to Wired the work of the research group, which first reported it last August. The company has said that it has already notified some of the affected brands and that many of them have already released security updates. This has also been confirmed to Wired by brands such as Xiaomi, JBL, Logitech and OnePlus.

In an email to Engadget, Google has recommended users check their headphones to see if they have the latest firmware updates. “We constantly evaluate and improve the security of Fast Pair and Find Hub,” the company has clarified.

In addition, Google has told both outlets that it has not found any attacks beyond the laboratories of the Belgian research team. However, the researchers have countered that Google would not be able to see whether attacks occurred on devices other than its own.

WHAT TO DO IF YOUR DEVICE IS VULNERABLE

KU Leuven researcher Seppe Wyns has warned that the ‘Fast Pair’ system cannot be deactivated, but the option remains to restore the devices to their factory settings. “You can factory reset your device, and that will erase the attacker’s access, so they will have to do the attack again, but (‘Fast Pair’) is enabled by default on all supported devices,” he explained.

For its part, Google has the ‘Fast Pair Validator’ application, which ensures that ‘Fast Pair’ access has been implemented correctly. However, the researchers have pointed out that all the devices they have worked with already had this application.

The researchers have said that the problem could be solved by cryptographically reinforcing the pairings desired by the device owner and prohibiting access by a “secondary owner” without authentication.

By Editor
