The security firm ERNW has reported the discovery of a new vulnerability in Android that is worrying. This is connected to your smartphone’s Bluetooth and can be explored by someone close to you.
The consequences of this vulnerability can lead to the theft of personal information or the injection of malware into the smartphone. To make things worse, it can be exploited without user intervention, as long as Bluetooth is turned on.
The vulnerability affects smartphones with Android 8 and 9
ERNW’s tests revealed that the affected devices are those running Android 8 and 9. Older versions of the operating system may also be vulnerable, however, the security company was unable to assess this impact.
In devices running Android 10, this vulnerability cannot be exploited. This is because due to some technical details that block the Bluetooth in case of an attempt of a breach.
Another way to protect ourselves against this harm is to have the February 2020 security update installed on your smartphone. As in the previous situation, this scenario is not dependent on the users, but on the manufacturers and their update policy.
Hackers can access your smartphone without you even realizing it
In order to use this vulnerability, hackers only need to be physically close to your smartphone. For that, they only need to know your MAC address.
In the impossibility of having Android 10 or the February security update installed, some behaviors must be taken into account. As ERNW stresses, you should only turn on Bluetooth when necessary.
Additionally, you should not make your device visible to others. If they did not know that your smartphone has Bluetooth on, it will be impossible to exploit this vulnerability.
In short, if you don’t have access to the latest Android updates, you should make smart use of Bluetooth. You should avoid risky behavior that, in this case, just having the smartphone with this connection active and visible to everyone nearby.