Home / Technology / Hackers Hijack Earbuds: Fast Pair Flaw Exposed
Hackers Hijack Earbuds: Fast Pair Flaw Exposed
15 Jan
Summary
- Fast Pair protocol allows hackers to connect to millions of audio devices.
- Researchers discovered vulnerabilities in 17 audio accessories from 10 companies.
- Hackers can control microphones, audio, or track location within 50 feet.
Researchers from KU Leuven University have revealed a significant security flaw in Google's Fast Pair wireless protocol, allowing for the hijacking of millions of Bluetooth audio devices. The vulnerabilities, collectively named WhisperPair, were found in 17 accessories from 10 different manufacturers. These flaws enable attackers within approximately 50 feet to silently pair with devices in under 15 seconds.
The exploit allows hackers to take control of microphones, listen to ambient sounds, disrupt audio streams or phone calls, and inject their own audio. In some cases, specifically with devices supporting Google's Find Hub feature, attackers can also track a user's location with high resolution. This poses a severe privacy risk, even for iPhone users.
Google has acknowledged the findings and is working with vendors to release security updates. However, researchers caution that due to infrequent updates for such devices, these vulnerabilities may persist for a considerable time, leaving millions of users exposed to potential spying and tracking.
