Découverte d’une faille touchant les connexions Bluetooth de nombreux objets connectés

/decouverte-d-une-faille-touchant-les-co

  • Découverte d’une faille touchant les connexions Bluetooth de nombreux objets connectés
    https://www.lemonde.fr/pixels/article/2018/08/11/decouverte-d-une-faille-touchant-les-connexions-bluetooth-de-nombreux-objets

    Un défaut dans un protocole Bluetooth, qui équipe de nombreux appareils connectés – y compris médicaux – peut permettre une prise de contrôle à distance. Il est possible de prendre à distance le contrôle de certains appareils connectés en Bluetooth, y compris des objets sensibles, à l’insu de leurs utilisateurs. C’est ce qu’a découvert Damien Cauquil, un chercheur de l’entreprise française Digital Security, qui présente les résultats de ses travaux à la conférence spécialisée en sécurité informatique (...)

    #smartphone #Bluetooth #domotique #hacking

    • Le contenu de #Defcon est bloqué chez certains providers :

      You’d better secure your BLE devices or we’ll kick your butts !

      Saturday 2018-08-11 at 12:00 in Track 2
      45 minutes | Demo, Tool, Exploit
      Damien “virtualabs” Cauquil Head of Research & Development, Digital Security

      Sniffing and attacking Bluetooth Low Energy devices has always been a real pain. Proprietary tools do the job but cannot be tuned to fit our offensive needs, while opensource tools work sometimes, but are not reliable and efficient. Even the recently released Man-in-the-Middle BLE attack tools have their limits, like their complexity and lack of features to analyze encrypted or short connections.

      Furthermore, as vendors do not seem inclined to improve the security of their devices by following the best practices, we decided to create a tool to lower the ticket: BtleJack. BtleJack not only provides an affordable and reliable way to sniff and analyze Bluetooth Low Energy devices and their protocol stacks, but also implements a brand new attack dubbed “BtleJacking” that provides a way to take control of any already connected BLE device.

      We will demonstrate how this attack works on various devices, how to protect them and avoid hijacking and of course release the source code of the tool.

      Vendors, be warned: BLE hijacking is real and should be considered in your threat model.

      Damien “virtualabs” Cauquil
      Damien is a senior security researcher who joined Digital Security in 2015 as the head of research and development. He discovered how wireless protocols can be fun to hack and quickly developed BtleJuice, one of the first Bluetooth Low Energy MitM framework.

      Damien presented at various security conferences including DEF CON, Hack In Paris, Chaos Communication Camp, Chaos Communication Congress, and a dozen times at Nuit du Hack, one of the oldest security conference.

      https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20program.pdf