Hacked by Bluetooth: New Exploit Takes Over Your Phone
PlexTrac 👉 https://seytonic.cc/plextrac1
0:00 Hacked With Bluetooth: New Exploit Takes Over Your Phone
2:20 PlexTrac (sponsor)
3:13 Counterstrike HTML Injection Bug
5:11 Ukraine Admits to Hacking Russia
6:51 KillNet Leader ‘Retires’
Sources:
https://www.theregister.com/2023/12/06/bluetooth_bug_apple_linux/
https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html?m=1
Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS
https://www.darkreading.com/vulnerabilities-threats/critical-bluetooth-flaw-exposes-android-apple-and-linux-devices-to-keystroke-injection-attack
https://www.darkreading.com/vulnerabilities-threats/critical-bluetooth-flaw-exposes-android-apple-and-linux-devices-to-keystroke-injection-attack
https://github.com/skysafe/reblog/tree/main/cve-2023-45866
https://www.bleepingcomputer.com/news/security/counter-strike-2-html-injection-bug-exposes-players-ip-addresses/
Gamers Warned of Potential CS2 Exploit That Can Reveal IP Addresses
https://hackerone.com/reports/631956
Gameplay: https://www.youtube.com/watch?v=hVicFArGAwk&ab_channel=gigabit-
https://therecord.media/ukraine-cyber-operation-russian-aviation-agency
https://www.bleepingcomputer.com/news/security/ukraine-says-it-hacked-russian-aviation-agency-leaks-data/
Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia
https://gur.gov.ua/en/content/voienna-rozvidka-ukrainy-zdiisnyla-kiberspetsoperatsiiu-shchodo-rosaviatsii-sanktsii-pryskoriuiut-aviakolaps-rf.html
https://therecord.media/killnet-killmilk-announces-retirement
===============================================
My Website: https://www.seytonic.com/
Follow me on TWTR: https://twitter.com/seytonic
Follow me on INSTA: https://www.instagram.com/jhonti/
===============================================
by Seytonic
linux web server
Luckily im paranoid and tin foil hatted about being tracked through bluetooth so i always have it off
today my bluetooth says i have two devices every time i connect only my airpods for some reason and then i see this. i have a 15 pro max ios
I don't understand how this changes anything you still need a phone password
That is why turning off Bluetooth when a device is not in use is necessary.
This is Very old news I remember learning about this 10+ years ago and the news was dated at that time.
I heard of that bluetooth thing years ago. I need my headphones bluetooth, or I'll forget I have a cord and my phone will fall on the floor. And I have autism, so I can't just not wear headphones. If I don't have them on when a lot of noises are happening, I'll start panicking
Fairly sure that bluetooth bug was shown years ago. Yup, just looked it up, first I saw it discussed was 2016 in MIT technology review on 23 rd of February 2016. If it is that, then this is not new in the slightest. From what you described, its not any different. Edit, if I remember correctly, I also remember this being discussed with regard to payment terminals. That use bluetooth to speak to a phone.
I’m writing some really advanced ETHICAL spyware, and I looked into the Bluetooth part a while ago. So for anyone who wants an idea on what the attack may do, here you go:
// Types Of Attacks:
– DOS
– MITM
– idk what it’s called, but it’s similar to phishing
– Trojans
– Turning your own Bluetooth device into a RAT
// The Most Dangerous:
The most dangerous attack is called Blueborn. Blueborn works kind of like a physical virus. It doesn’t need user stupidity or anything like that. Antivirus or anything like that won’t work since it doesn’t work like traditional malware.
I’m not completely sure, but I think it spreads by sending a connection request, then manipulating your device to accept it. It’s really dangerous because the attacker can do anything they want when it happens, and most devices pretty much give Bluetooth devices access to everything. There are patches for it, but according to (https://nira.com/bluetooth-security-vulnerability/) over 2 billion devices are still vulnerable. My personal advice is to turn off Bluetooth when you’re not using it.
Damn this sucks nothing suprises me anymore 😢. Bluetooth & Alexa are both dangerous .
Windows users chilling in the corner
The vast majority of software vulnerabilities are memory bugs. The vast majority of memory bugs come from C and C++. In contrast, Go and Rust provide similar capability without the same risk. But companies don't allow their engineers to use Go or Rust. "We can't find Go devs anywhere waaaaaaa!"
I updated my phone does that mean I can use Bluetooth again?
isnt this like 5 years old?
On linux the hackers cant do much without your sudo password
huh, sounds similar to that one scene in mr.robot
i love this channel every week its better to watch this than read bunch of booring articles
David Bombal hosted OTW and they showed this exact hack using an example from Mr Robot
There was a bug I found like this in csgo back in 2019/2020~ish, if u edited the lobby message packets u could insert a custom formatted xml used for events text (eg when u are in a lobby and it goes "(TEAM A) vs (TEAM B) live" or something), lots of trolling ensued and we thought it was harmless, we would just visually edit peoples ranks and make a message come up saying u were overwatch banned, after having our fun we told a bunch of peeps, but then afterwards we realized if u attached a script tag u could run javascript in their game ui, then you could use a handy api (since disabled) made by valve to run any program on their computer with any parameters you could ever want, wouldn't have shared it if i realised it let u run js (and probs could have got major bug bounty money D:), sooooo like we are reallllllllly lucky nobody realized and made a botnet out of a bunch of people playing counterstrike from us just doing a lil trolling before valve patched it. Valve patched it after a few streamers got targeted by some trolling.
2012…. TWENTY TWELVE?!?!?!?!??!
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Maybe I will think about disabling Bluetooth on my Fedora 39 laptop and my PinePhone
killmilk is a 12 year old?
it would be a shame if the bluetooth exploit was used to serve a virtual bad usb device as a nas with some hacked-in open wrt features
it was bad enough that we had to watch out for bt and wifi spoofs but imagine it used with bad usb to organize mesh botnets thruoughout
I can't really find it, but do emui (Huawei in particular) also get the Bluetooth Patch? I'm specifically asking for a P30 Pro because the last available Update was in february and their Website doesn't list it under any Update intervalls
damn ok i NEED my bluetooth always on for my cgm (constant glucose monitor) to work
This has always been the case, hasn't it? I thought Bluetooth was always vulnerable.
Does it matter if you make your device undiscoverable?