Security News > 2021 > December > Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips
Cybersecurity researchers have demonstrated a new attack technique that makes it possible to leverage a device's Bluetooth component to directly extract network passwords and manipulate traffic on a Wi-Fi chip.
The novel attacks work against the so-called "Combo chips," which are specialized chips that are equipped to handle different types of radio wave-based wireless communications, such as Wi-Fi, Bluetooth, and LTE. "We provide empirical evidence that coexistence, i.e., the coordination of cross-technology wireless transmissions, is an unexplored attack surface," a group of researchers from the Technical University of Darmstadt's Secure Mobile Networking Lab and the University of Brescia said in a new paper.
While these combo wireless chips are key to high-performance spectrum sharing, coexistence interfaces also pose a side-channel risk as demonstrated by the same set of researchers at the Black Hat security conference last year, effectively permitting a malicious party to glean details from other wireless technologies supported by the combo chip.
This breaks the separation between Wi-Fi and Bluetooth to result in denial-of-service on spectrum access, information disclosure, and even enable lateral privilege escalations from a Bluetooth chip to code execution on a Wi-Fi chip.
The researchers found that it's possible for an adversary with control over the Wi-Fi core to observe Bluetooth packets, which, in turn, allows determining keystroke timings on Bluetooth keyboards, ultimately granting the attacker the ability to reconstruct text entered using the keyboard.
"As of November 2021, more than two years after reporting the first coexistence bug, coexistence attacks, including code execution, still work on up-to-date Broadcom chips," the academics said.
News URL
https://thehackernews.com/2021/12/researchers-uncover-new-coexistence.html
Related news
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Researchers Discover Command Injection Flaw in Wi-Fi Alliance's Test Suite (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)