Ever Trend Zone evertrendzone security byte exclusively brings you Mosyle, the only Apple integrated platform. Simply work your Apple device and create an enterprise safe. Our unique integrated approach to management and security combines fully automated hardening and compliance, next-generation EDR, AI-powered Zero Trust, and cutting-edge Apple-specific security solutions for exclusive privilege management with the most powerful and modern Apple MDM on the market. As a result, the fully automated Apple Unified platform, currently trusted by over 45,000 organizations, can make millions of Apple devices function at an affordable cost. Request an extension test Understand why Mosil is everything you need to work with Apple today.
In Bluetooth spoofing attacks (or bias), hackers take advantage of the weaknesses of the Bluetooth protocol to impersonate trustworthy devices. The “Bose QC headphones” in the Bluetooth menu could be a low-orbit ion cannon waiting for the end-user to connect to it before unlocking any kind of damage.
This week I would like to share again how hackers send Sneaky Keystrokes to Mac if a hacker uses Flipper Zero to connect to a potentially malicious Bluetooth device. This isn’t a complete tutorial as there are already plenty of guides. Instead, I would like to point out how easy it is to pull this off.
Out of the box, the Flipper Zero is a very harmless pentest tool. However, because devices are open source, they can be modified with third-party firmware (in this case Xtreme) that provides a set of applications that take advantage of the device’s feature-rich hardware. This is the same Xtreme that made headings in 2023 with the ability to crash the iPhone with a fake BLE pairing sequence.
I also burned a wireless rubber ducky keyboard called “Bad USB” that runs on BLE (Bluetooth Low Energy). It is primarily used for task automation and device security testing by simulating keyboards, typing keystrokes, and running scripts much faster than human cans. This, combined with the 100-meter range of BLE, is also an attractive tool for hackers.
It took me only four steps and 20 minutes to run the script and I lick-rolled my MacBook Air.
- With Xtreme firmware installed, open the bad USB module in Flipper Zero.
- Uploads the selected payload to the flipper. I’ve created my own .txt script to open YouTube.
- Select a clever Bluetooth device name and connect it to it. I live in a dense area of the city so I kept the default (Badusb at1l1).
- Once they were paired, they ran the payload.
It’s not just Macs. This attack can also be performed on iPhone, iPad, and Windows devices. Of course, an attacker could give you something much worse than Rickroll.
Victim POV
relief
Good news? This only works if the device is unlocked. Bad news? In many cases, you often don’t pay attention when connecting to a Bluetooth device. It is essential to make sure you are connected to the device you are interested in (thanks to Apple for the H2 chip used by Airpods). Malicious actors can deploy multiple devices using names that closely mimic legitimate devices. It is also possible to do this with a spoofed MAC address, making it even more difficult to identify.
Turn off when Bluetooth is not in use, remove unknown devices from the Bluetooth settings list, and use the 6-digit pairing code to prevent the collapse of the victim here.
These attacks are rare, but this does not mean they never happen. Although many victims are unaware, as these attacks often work secretly in the background, I would argue that they occur frequently enough to justify concerns. Hackers love persistence. Why do they brick a Mac with one hack when they can come back for more?
fIn Ollow: Twitter/xLinkedIn, Thread
(TagStoTRASSLATE) Security Byte (T) Flipper Zero
