Business Spectra, the new attack that breaks the separation between...

Spectra, the new attack that breaks the separation between Wi-Fi and Bluetooth

Spectra, the new attack that affects Wi-Fi and Bluetooth

The name will remind us of Specter. In this case it is a new practical attack that breaks the gap between the Wi-Fi and Bluetooth technologies that run on the same device, such as laptops, mobile phones, and tablets. It has been developed by security researchers from Germany and Italy.

This attack, which they have called Spectra, works against combined chips, specialized chips that can manage multiple types of wireless communications, such as Wi-Fi or Bluetooth.

The team of researchers behind this discovery indicate that Spectra is a new vulnerability class which is based on the fact that transmissions occur on the same spectrum and that wireless chips need to arbitrate access to the channel.

Specifically, the Spectra attack leverages the coexistence mechanisms that chipset providers include with their devices. The combo chips They use these mechanisms to switch between wireless technologies quickly.

They explain that this type of mechanisms allow to improve performance. However, they also leave the door open for possible side channel attacks and would allow a possible intruder to enter, an attacker who could exploit vulnerabilities.

First time to break this barrier on combo chips

The two groups that have participated in this project correspond to the Technical University of Darmstadt, from Germany, and the University of Brescia, from Italy. They assure that they are the first team that have managed to break this barrier of coexistence in combined chips.

They have analyzed the combined chips Broadcom and Cypress, which are present in many very popular devices, such as all iPhone, Macbook or Samsung phones. They managed to exploit Spectra by attacking the combo chip and the interface between the two technologies. They indicate that the results vary, but that in certain scenarios it is possible.

They also indicate that they identified a shared RAM region, which enables code execution via Bluetooth over Wi-Fi. This makes Bluetooth remote code execution attacks equivalent to Wi-Fi remote code execution, greatly increasing the attack surface.

It should be noted that the technical details of this attack have not yet been made public. It is planned that in the next month of August they will provide all the information through a virtual conference they are going to do.

As we have indicated, there are many occasions when vulnerabilities can arise that lead to attacks. We leave you an article with the best free vulnerability scanners.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest news

Trump wants Biden to take a drug test before the first presidential debate – NBC Utah

WASHINGTON - US President Donald Trump on Sunday demanded that his rival in the November elections, Democrat Joe Biden,...

The Archena Spa achieves the ‘Safe Tourism’ for the measures adopted against COVID19

The Archena Spa has obtained the 'Safe Tourism' seal as a guarantee and certification mark for the implementation of...

River will undergo new swabs today

River's team will have a new series of tests ahead of Wednesday's clash with San Pablo, on the Independiente...

Another overheated? Chiquis Rivera and Lorenzo Méndez give clues about their return – TVyNovelas México

The singer Chiquis Rivera and Lorenzo Méndez seem to have returned as husband and wife, to have a...

You might also likeRELATED
Recommended to you