Exploiting Bluetooth Vulnerabilities: From Car Systems to Bank Account Security

Explore a comprehensive security conference talk that delves into the vulnerabilities of Bluetooth systems in modern vehicles and their potential exploitation. Learn about the development of BlueToolkit, a framework designed for testing and replicating Bluetooth Classic vulnerabilities, complete with practical implementation guidance. Discover how researchers uncovered 64 new vulnerabilities across 22 modern vehicles and the Garmin Flight Stream flight management system used in aircraft. Understand the methodology behind identifying implementation-specific vulnerabilities that could enable information theft from vehicles, Man-in-the-Middle attacks, and privilege escalation leading to account hijacking. Gain insights into making Bluetooth security research more accessible and reproducible, particularly focusing on infotainment systems' growing functionality and their integration into vehicle architecture, along with the challenges of patch management in automotive systems.