Business Spectra, the new attack that breaks the separation between...

Spectra, the new attack that breaks the separation between Wi-Fi and Bluetooth

Spectra, the new attack that affects Wi-Fi and Bluetooth

The name will remind us of Specter. In this case it is a new practical attack that breaks the gap between the Wi-Fi and Bluetooth technologies that run on the same device, such as laptops, mobile phones, and tablets. It has been developed by security researchers from Germany and Italy.

This attack, which they have called Spectra, works against combined chips, specialized chips that can manage multiple types of wireless communications, such as Wi-Fi or Bluetooth.

The team of researchers behind this discovery indicate that Spectra is a new vulnerability class which is based on the fact that transmissions occur on the same spectrum and that wireless chips need to arbitrate access to the channel.

Specifically, the Spectra attack leverages the coexistence mechanisms that chipset providers include with their devices. The combo chips They use these mechanisms to switch between wireless technologies quickly.

They explain that this type of mechanisms allow to improve performance. However, they also leave the door open for possible side channel attacks and would allow a possible intruder to enter, an attacker who could exploit vulnerabilities.

First time to break this barrier on combo chips

The two groups that have participated in this project correspond to the Technical University of Darmstadt, from Germany, and the University of Brescia, from Italy. They assure that they are the first team that have managed to break this barrier of coexistence in combined chips.

They have analyzed the combined chips Broadcom and Cypress, which are present in many very popular devices, such as all iPhone, Macbook or Samsung phones. They managed to exploit Spectra by attacking the combo chip and the interface between the two technologies. They indicate that the results vary, but that in certain scenarios it is possible.

They also indicate that they identified a shared RAM region, which enables code execution via Bluetooth over Wi-Fi. This makes Bluetooth remote code execution attacks equivalent to Wi-Fi remote code execution, greatly increasing the attack surface.

It should be noted that the technical details of this attack have not yet been made public. It is planned that in the next month of August they will provide all the information through a virtual conference they are going to do.

As we have indicated, there are many occasions when vulnerabilities can arise that lead to attacks. We leave you an article with the best free vulnerability scanners.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest news

What is true and what is false in the mini-series “Great” about Catherine II – Newspaper

What is true and what is false in the mini-series "The Great" about Catherine II Gazeta.Ru.

Pakistani Airbus A320 crashes in residential Karachi, at least 80 dead

InternationalCRASH - A plane crash occurred this Friday morning in a residential area of ​​the city of...

They enabled the walks for the weekend in Córdoba – Informed, upon return

They enabled the walks for the weekend in Córdoba - Informed, on the return - Chain 3 Argentina ...

Price of the dollar today Friday May 22, 2020 at the close, exchange rate

Mexico City. Today Friday May 22, 2020 the dollar listed on $ 22.73 pesos, according to the investing.com platform....

You might also likeRELATED
Recommended to you