Experts from Hexway report, when Bluetooth on Apple devices is on, nearby users can find out the phone number and other details of the user who is using it.
“If Bluetooth is ON on your Apple device everyone nearby can understand current status of your device, get info about battery, device name, Wi-Fi status, buffer availability, OS version and even get your mobile phone number”, — report Hexway experts.
Apple devices transmit BLE or Bluetooth Low Energy (different from Classic Bluetooth as it is designed to provide significantly low power consumption) packets that transmit the device’s position, battery charge, and may other data. This is a part of Apple Wireless Direct link [AWDL] protocol that works on even Wi-Fi to transfer data between neighboring devices.
Darmtadt Technical University experts found problems in AWDL that works for tracking users, provokes device malfunctions and intercepts the files transferring between the devices using MitM attacks. Another problem now pointed out by Hexway in AWDL. The experts found that BLE packets contain SHA256 hash of the phone number, Apple ID and email address. Only 3 bytes of the hash are broadcast, even though this is enough to restore the number as these are armed with the hash tables that researchers known about it. To protect such attacks, users have only option to disable the Bluetooth on their device.
The hashed of the phone numbers can even be intercepted by Cyber criminals in the following situations:
- Connected to AirDrop to transfer files
- Users’ phone share a Wi-Fi password
- A Wi-Fi password is asked by a contact
- When connecting to Wi-FI network
“All that is needed is a person with a laptop and Bluetooth and Wi-Fi adapters, as well as enough people with Apple devices using BLE”, – Hexway experts explain.
The experts from Hexway have already published GitHub to automate such attacks.