In order to fulfill the basic functions of our service, the user hereby agrees to allow Xiaomi to collect, process and use personal information which shall include but not be limited to written threads, pictures, comments, replies in the Mi Community, and relevant data types listed in Xiaomi's Private Policy. By selecting "Agree", you agree to Xiaomi's Private Policy and Content Policy .


[News] USB and Bluetooth accessories can be used to attack Android phones and spy on owners

2019-11-11 17:35:06
708 2

Hello MIUI'ers,

A group of security researchers has discovered an exploit that lets Bluetooth and USB accessories wreak all sorts of havoc on multiple Android smartphones. In both cases, the door of entry was the cellphone modem, or baseband, which is found inside all smartphones.

Once a phone has been compromised via the baseband, multiple kinds of disruptions can be heaped on it: complete blockage of all incoming phone calls, selective call blocking, call forwarding to a different number, cutting off of cellular internet connectivity (e.g., 3G/4G), interception of phone calls and text messages, and owner location and activity tracking.

According to the researchers, this exploit is possible due to the way some Android smartphones allow Bluetooth and USB accessories, such as headphones, to communicate with the baseband, which is normally cordoned off from other parts of the device (such as apps).

The baseband firmware of the phones in the study, which is supposed to exclusively accept special commands (called AT commands), was tricked by a hacking app developed by the researchers called ATFuzzer.  Using ATFuzzer, they discovered 14 commands that worked on 10 different Android smartphones across six different vendors.

In some cases, the disruption was minor the Nexus 5 and Pixel 2 had their internet cut off after a DoS command was sent to them. The Nexus 6 and Nexus 6P both fared a bit worse, undergoing a downgrade (also known as bidding-down) that made them vulnerable to over-the-air (OTA) man-in-the-middle attacks in cellular networks. The worst-case scenario of complete privacy loss was demonstrated in three Samsung phones Galaxy Note 2, Galaxy S3, and Galaxy S8+. After getting these phones to leak their IMEI and IMSI, all phone calls and text messages could become intercepted, and user locations and activities tracked down.

The research team says the baseband processors' failure to correctly parse and filter out anomalous commands is the reason for this security vulnerability, and the only way to stop this type of attack is by completely stripping away Bluetooth and USB access to the baseband.

Fortunately, there is a silver lining in all this. Since the exploit works through a wireless Bluetooth or physical USB connection, Android owners can easily avoid the situation by not connecting their smartphones to suspicious or unknown accessories, such as charging stations often found inside malls or coffee shops. With the exception of the Galaxy S8+ and Pixel 2 (which are about two years old), the rest of the targeted phones are quite ancient, and not as pertinent to savvy and up-to-date smartphone owners like our AP readership. But if you happen to own or know someone that still uses those older devices, a device upgrade is strongly encouraged even a cheap new $80-100 Nokia or Redmi is more secure than those ancient devices.

As for the device manufacturers mentioned in the study, they have all been notified of the vulnerabilities by the research team. In response to TechCrunch's inquiry, for instance, Samsung stated that patches are forthcoming. Google responded back saying none of its Pixel phones with the latest patches applied are vulnerable. Huawei did not comment.


2019-11-11 17:35:06
Favorites RateRate

Wizard Bunny

Ian Adoe | from Redmi Note 5A


Thanks for this information...
2019-11-11 19:19:04
2019-11-11 21:10:49
please sign in to reply.
Sign In Sign Up


News Reporter

  • Followers


  • Threads


  • Replies


  • Points


AP2 Livestream
2016 Diwali with Mi
3 Days Check-In
7 Days Check-In
21 Days Check-In
40 Days Check-In
70 Days Check-In
100 Days Check-In
Lucky Draw No.
500K Members
2016 Christmas
Mi Explorers
2016 #ThrowbackwithMiComm
Pokemon Go!
1st Anniversary
2 million registered members
Newbie Member
The Motivator
Go Bunny Master
Mi Love U & I
Bunny Winner
70K Mi Fans
Tech Talent
100K Mi Fans
Selfie Day
Happy July
Mi 9T
Global Fans
MIUI 9th Birthday
Global Community
Mi A3
better together slogan
Global Community
games discuss
Mid-Autumn Festival
400K Mi Fans
300K Mi Fans
500K Mi Fans
close up
Answer Mi #2
Best Photo
Answer Mi #3
Android One
Redmi Note 8 Series
Art Challenge
Father's Day
Mother's Day
10 years
K2K #3
Nepal "Happy New Year"
First Anniversary
K2K #4
10 years
Ringtone Medal
The View Outside Your Window
Music Medal

Read moreGet new

Mi Comm APP

Stay updated on Mi Products and MIUI

Copyright©2010-2021, All Rights Reserved
Quick Reply To Top Return to the list