This week, security researchers revealed a massive Bluetooth vulnerability that affects billions of iOS devices. The vulnerability, oddly named the ‘KNOB Attack’ (Key Negotiation of Bluetooth Attack), exploits a flaw in the Bluetooth encryption key negotiation protocol, allowing a brute-force attack to be launched remotely against any standard-compliant Bluetooth device.

The attack allows a hacker to completely bypass the security mechanisms of Bluetooth and, as a result, listen in on, intercept and modify the content of Bluetooth communications between devices. This also works between devices that have been successfully paired in the past.

“We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices),” explained the researchers. “At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack.”

We haven’t seen any examples of this exploit in the wild yet, but now that the vulnerability has been publicized, it’s a matter of time before someone builds upon this to support Bluetooth key-logging and wireless headphone audio interception.

Protecting against the KNOB Attack

As the vulnerability lies with the Bluetooth standard itself, virtually all Bluetooth-enabled devices are at risk from the KNOB Attack. Google has issued a fix and has started rolling it out to their devices.

Apple says they issued a fix in their latest iOS update, 12.4. However, this update itself re-introduced a dangerous vulnerability, allowing even up-to-date devices to be jailbroken and therefore leaving them at risk of spyware and other malicious code. Currently, Apple users have no choice but to wait for the iOS 12.4.1 update, which should patch both the KNOB attack and the recently unpatched jailbreak vulnerability in iOS 12.4.

If your device is older and you can’t update past iOS 9 or 10, there is no way to protect your device from the KNOB attack right now. Hopefully Apple will release an emergency update to these older iOS versions, as they did back in July to fix a GPS bug.

How to check for iOS Spyware

With the re-introduction of a major vulnerability in the latest iOS version (12.4), millions of Apple devices are now at risk of spyware. If you are concerned that spyware has infected your iPhone, check out Certo iPhone, the world’s first and only spyware detection tool for iPhones and iPads.
