Security News > 2021 > December > F-Secure uses flaw in at-home COVID-19 test to fake results
Security researchers found a vulnerability in a home test for COVID-19 that a bad actor could use to change test results from positive to negative or vice versa.
Here's how the test works: A user downloads an app, answers a few screening questions, watches an informational video and then performs the test.
The testing device connects to the app via Bluetooth to report the test results.
A proctor watches an individual taking the test and then issues a certificate with the results.
Ken Gannon, a principal security consultant in F-Secure's New York City office, found the flaw that allows a bad actor to change the results after the Bluetooth analyzer performs the test but before the results are reported by the app.
Ellume's home test was approved by the FDA in December 2020 and is one of the test international travellers can use to show negative test results.