Bluetooth Low Energy denial of service attacks

From HandWiki

The Bluetooth Low Energy denial of service attacks are a series of denial-of-service attacks against mobile phones and iPads via Bluetooth Low Energy that can make it difficult to use them.[1]

iPhone and iPad attacks

DEFCON proof of concept attack

At DEF CON 23 in 2023 a demonstration was given using equipment made with a Raspberry Pi, a Bluetooth adapter and a couple of antennas.[1] This attack used Bluetooth advertising packets, hence did not require pairing.[1] The demonstration version claimed to be an Apple TV and affected iOS 16.[1]

Flipper Zero attack

This attack also uses Bluetooth advertising packets to repeatedly send notification signals to iPhones and iPads running iOS 17.[1][2] It uses a Flipper Zero running third-party Xtreme firmware.[1][3][2] It can still affect the phone even if the phone is in airplane mode and requires Bluetooth to be shut down from device settings or running the phone in Lockdown mode.[1][3][2]

The attack can cause the phone to crash.[3] It also affects iOS 17.1.[4]

The release of iOS 17.2 made the iPhone more resistant to the attack, reducing the flood of popup messages.[5]

An app to perform these attacks was written for Android.[6]

Interference with a medical device

An attendee of Midwest FurFest 2023 tweeted that the Android device they used to control their insulin pump had been crashed by a BLE attack and that if they hadn't been able to fix it they would have had to go to a hospital.[6]

Wall of Flippers

The Wall of Flippers project has written a Python script that can scan for BTLE attacks.[6] It can run on Linux or Microsoft Windows.[6]

Android attack

The Flipper Zero version of the attack has been adapted to attack Android and Microsoft Windows systems.[7][2]

References

  1. 1.0 1.1 1.2 1.3 1.4 1.5 1.6 Winder, Davey (2023-09-06). "New iPhone iOS 16 Bluetooth Hack Attack—How To Stop It". Forbes. https://www.forbes.com/sites/daveywinder/2023/09/06/new-iphone-ios-16-bluetooth-hack-attack-how-to-stop-it/. 
  2. 2.0 2.1 2.2 2.3 Goodin, Dan (2023-11-02). "This tiny device is sending updated iPhones into a never-ending DoS loop". Ars Technica. https://arstechnica.com/security/2023/11/flipper-zero-gadget-that-doses-iphones-takes-once-esoteric-attacks-mainstream/. 
  3. 3.0 3.1 3.2 Kingsley-Hughes, Adrian (2023-10-16). "Flipper Zero can be used to crash iPhones running iOS 17, but there's a way to foil the attack". ZDNET. https://www.zdnet.com/article/flipper-zero-can-lock-up-an-iphone-running-the-latest-ios-17/. 
  4. Kingsley-Hughes, Adrian (2023-10-30). "iOS 17.1 update still no defense against Flipper Zero iPhone crashes". ZDNET. https://www.zdnet.com/article/ios-17-1-update-still-no-defense-against-flipper-zero-iphone-crashes/. 
  5. Kingsley-Hughes, Adrian (2023-12-15). "iOS 17.2 update puts an end to Flipper Zero's iPhone shenanigans". ZDnet. https://www.zdnet.com/article/ios-17-2-update-puts-an-end-to-flipper-zero-iphone-shenanigans/. 
  6. 6.0 6.1 6.2 6.3 Toulas, Bill (2023-12-23). "'Wall of Flippers' detects Flipper Zero Bluetooth spam attacks". Bleeping Computer. https://www.bleepingcomputer.com/news/security/wall-of-flippers-detects-flipper-zero-bluetooth-spam-attacks/. 
  7. Kingsley-Williams, Adrian (2023-10-24). "Now Android and Windows devices aren't safe from Flipper Zero either". ZDNET. https://www.zdnet.com/article/now-android-and-windows-devices-arent-safe-from-flipper-zero-either/. 



Retrieved from "https://handwiki.org/wiki/index.php?title=Bluetooth_Low_Energy_denial_of_service_attacks&oldid=3377497"