In certain scenarios, iPhones leak phone
numbers through Bluetooth
Security researchers are reporting that they can extract a
user’s phone number from the Bluetooth traffic coming from an iPhone smartphone
during certain operations.
The attack works because of how Bluetooth works when it is
enabled on an Apple device. The device sends Bluetooth Low Energy (BLE) packets
in all directions, broadcasting the device’s position and various details.
This is part of the Apple Wireless Direct Link (AWDL)
behavior protocol that can work either via Wi-Fi or BLE to interconnect and allow
data transfers between nearby devices.
Academic research previously reported has revealed that
ADWL BLE traffic does contain device identification details such as the phone
status, Wi-Fi status, OS version, and buffer availability, among others.
However, in this new research, security researchers from
Hexway have stated that during certain operations, these BLE packets can also
contain a SHA256 hash of the device’s phone number. The researchers have stated
that only the first 3 bytes of the hashes are sent, but state that that’s
enough to identify your phone number.
As phone numbers have strict formatting, attackers can use
pre-calculated hash tables to recover the rest of the phone number.
According to Hexway, the BLE traffic that contains the phone
number hashes can be captured by malicious actors when a user is using AirDrop
to share a file with another user, when a user’s phone is trying to share a
Wi-Fi password, or when a user is asked to share a Wi-Fi password by a contact.
a few ways for this issue to be exploited; most of the ways revolve around
social engineering and could be very successful when aimed at one individual at
a time, as part of targeted attacks, in special venues or circumstances.
someone could attend any conference and collect information about its
addition, these attacks are easy to carry out at a technical level. There are
published tools on GitHub that automate the process. “The tools are easy to
use,” security researcher Dmitry Chastuhin of Hexway states, “All you need is
just a person with a laptop and Bluetooth and Wi-Fi adapters and enough people
with Apple devices using BLE.”
Chastuhin also stated that his published tools could also be used to “catch students who use AirPods to cheat on exams, and catch people sending abusive content through AirDrop,” both problems that have become quite common practices these days.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648