A new Android app that can emulate Flipper Zero BLE advertisement spoofing has emerged. This technology, previously prevalent among Apple devices, has now found its way into the Android platform. At the heart of this attack lies Bluetooth Low Energy (BLE), a wireless communication protocol designed for low-power, short-range connections between devices.
BLE is made for devices with strict power requirements
BLE is tailor-made for devices with strict power requirements, such as fitness trackers and other devices that don’t involve audio and video transmission. In contrast, Bluetooth Classic primarily serves high-bandwidth communication needs, like audio and video.
BLE-enabled devices need to establish communication channels to exchange data. Your smartphone, acting as the central device, actively seeks advertisements from other devices interested in connecting. BLE-enabled peripherals broadcast advertisements in search of a connecting device. BLE advertisements primarily serve the purpose of device discovery, helping devices find and identify each other. They can also initiate connections between devices, allowing for data exchange or other interactions.
Enter the Flipper Zero, a versatile and programmable device designed for security and hacking enthusiasts. It features multiple functions including an RFID reader, signal transmitter, and microcontroller, enabling it to interact with various electronic systems. Notably, it also features BLE advertising capabilities.
Apple uses Bluetooth Low Energy (BLE) to enable devices to communicate within a certain proximity of each other. When devices are nearby, a pop-up appears, prompting the user to accept or deny the connection. A hacker could perform BLE spoofing by posing as an Apple device and sending requests to nearby devices in a crowded area. These requests trigger pop-ups on nearby devices, potentially tricking users into sharing their credentials.
The Flipper Zero’s capabilities are impressive and greatly simplify the process of spoofing BLE requests. Surprisingly, you don’t even need this specific device; a Raspberry Pi equipped with a Linux Bluetooth adapter and a portable battery can achieve the same results.
It is now possible to perform BLE spoofing directly from an Android app
A new Android app allows users to spoof BLE requests directly from their smartphones, eliminating the need for specialized hardware like the Flipper Zero or Raspberry Pi. Similar to the Flipper Zero’s abilities, this app broadcasts connection requests at specific intervals.
While the Android SDK supports BLE attacks, it comes with limitations, particularly in terms of the attack range when compared to the Flipper Zero. Reports have emerged that Bluetooth-connected mice and keyboards, essential peripherals, become unresponsive when bombarded with spam broadcasts. The most concerning aspect of this development is that the new app requires no hacking skills or prior knowledge. The app is still in development, but spoofing BLE requests is now almost foolproof.
As always, users should exercise caution when encountering BLE requests on their devices.