Explore the security vulnerabilities and attack methods targeting Bluetooth Low Energy (BLE) technology in this comprehensive conference talk from the Hack In The Box Security Conference. Dive into real-world examples of wireless bit stream exploits affecting various protocol layers of BLE products. Learn about the "Money Thief" vulnerability in QR code payments, allowing attackers to manipulate transactions and steal funds undetected. Discover the "Unlock Everything" topic, showcasing how to bypass smart device locks, laptop lockscreens, and even remotely control cars using BLE Controller flaws. Gain insights into a new BLE security detection tool for reproducing attacks and improving product security. Presented by Xiaomi security engineer Linfeng Xiao, this 36-minute talk offers valuable knowledge for security researchers and manufacturers alike, aiming to enhance the security of our increasingly connected world.
The Tragedy of Bluetooth Low Energy - Security Risks and Attacks
Hack In The Box Security Conference via YouTube
Overview
Syllabus
#HITB2023HKT #COMMSEC D2 - The Tragedy Of Bluetooth Low Energy - Linfeng Xiao & Dalin Yang
Taught by
Hack In The Box Security Conference