Hackers Can Now Send Malware over Bluetooth

Feb. 10, 2020

If left unpatched,BlueFrag lets malicious actors steal personal data from your Android phone running Oreo 8.0 and Pie 9.0 without user interaction. The attacker just needs to be in the Bluetooth range along with the Bluetooth MAC address of your device to take over your phone.

You probably need not worry about BlueFrag if your phone is runningAndroid 10. The researchers mention thatthe exploit does not affect Android 10as it results in a Bluetooth crash when they tested. The report states that devices running Android versions below Oreo 8.0 could also be affected by the vulnerability and hence, it is recommended to update your smartphone to the latest security patch (if available) to stay safe.

With that said, it is worth pointing out that most Android phones running on Android Oreo probably would have reached EOL in terms of software updates and security patches. In that case, your handset would be left vulnerable forever, if brands don’t take an initiative to roll out this patch to all the discontinued devices.

If your device has not received the February security patch so far, the security firm recommends switching on Bluetooth only when in use, and keeping your device non-discoverable.

Subin writes about consumer tech, software, and security. He secretly misses the headphone jack while pretending he’s better off with the wireless freedom.