Mimic: The ransomware exploiting Windows search
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreBluetooth Classic’s cryptographic protocol, forward secrecy, is crucial for ensuring that past interactions are protected and confidential – preventing communications from being disclosed after the fact. And on the flipside, future secrecy is a protocol that ensures future communications are confidential – even if the keys used in earlier interactions have been compromised.
The Hacker News recently reported that new research has revealed six new attacks which break those forward secrecy and future secrecy guarantees. And this means that attackers can position themselves as adversaries-in-the-middle (AitM); sitting between two connected peers and intercepting information shared between them.
The study was led by Daniele Antonioli (Researcher at EURECOM), and was published in November 2023. The vulnerabilities have been called BLUFFS, tracked by NIST under CVE-2023-24023; and they affect Bluetooth Core Specification 4.2 to 5.4.
Antonioli noted that attacks using BLUFFS “enable device impersonation and machine-in-the-middle across sessions by only compromising one session key.” New flaws in Bluetooth’s session key derivation mechanism mean that attackers can use the same weak key across multiple sessions.
They can, therefore, establish future encryption procedures to make sure that their compromised key is used for all sessions while they’re in proximity of the device.
On the bright side, the attack is limited by proximity – the attacking device must be within range of two vulnerable Bluetooth-enabled devices that are initiating a pairing attempt.
Antonioli wrote in the study:
“From this work, we learned three key lessons that we want to share: (i) we should pay more attention to session establishment vulnerabilities, attacks, and fixes effective across sessions, (ii) we should agree on the definitions of Bluetooth’s forward and future secrecy and update the standard to discuss these definitions and related risks, (iii) we need to open-source Bluetooth firmware (Controllers) and better tooling around them to improve the effectiveness, coverage, and speed of our offensive and defensive evaluations.”
The emergence of BLUFFS is hot on the heels of a ThreatLocker report which explains how Bad Bluetooth and Bad KB Attacks enable threat actors to weaponise pairing mechanisms in order to gain control over devices running Apple MacOS systems.
And emerging attacks are added to a list of existing threats to Bluetooth security, including (but certainly not limited to):
Bluetooth attacks can result in information theft, eavesdropping between devices, disruption of networks or device services, or the installation of malware. Like all connected technologies, Bluetooth offers an opportunity for adversaries to access a device or network – and it must be included in ongoing security monitoring, training, and controls.
Are you coming to Black Hat MEA 2024? You’ll be immersed in the latest research on the threat landscape and adversary tactics – and have the opportunity to improve your security with guidance from the world’s top CISOs and ethical hackers.
Join the newsletter to receive the latest updates in your inbox.
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreWhat are non-human identities (NHIs) and why are they driving a paradigm shift in identity security?
Read MoreNew research shows that a growing number of organisations view cybersecurity as a strategic priority.
Read More