Specifically, it is something that affects iPhone phones and also iPads. They can send massive SPAM with messages through Bluetooth. Basically, we are dealing with unwanted notifications, which can be annoying and even a security risk. The latter is so, since SPAM could be used to send malicious links, for example.
They use Flipper Zero to send SPAM
But why does this happen? iOS devices that have Bluetooth Low Energy technology use packages named ADV to announce your presence to other devices. For example, they can be used to exchange data via AirDrop, connect an Apple Watch or AppleTV, among other options.
What they can achieve with Flipper Zero is to fake those ADV packages. This makes it difficult for the device to tell when it’s legitimate and when it’s a scam or SPAM. Those packets will be transmitted through Bluetooth technology and the devices that are nearby, with Bluetooth activated, will receive those requests.
One of the problems is that they could reach mimic trusted devices, in which the victim trusts, to launch Phishing attacks. There we would be facing a security risk, beyond simply suffering the annoyance of SPAM. If they launch numerous requests, the target device will show many notifications. This, logically, will alter the proper functioning.
The security researchers behind this discovery warn of the importance of always being aware of all the devices that surround us. It is important to avoid risks, such as accepting any request, sending any type of data, etc.
How to avoid the problem
For now, Apple does not have a solution to avoid this problem. In fact, according to security researchers, even if the device is in airplane mode it could work. However, it is hoped that at some point they will release an update or patch to solve this vulnerability.
From RedesZone, we always recommend having the latest versions installed. That helps to maintain safety and avoid unnecessary risks. Whenever you have a device connected to the network, you should check the firmware and make sure it has the latest available version installed.
Beyond having the devices updated, it is also key to control which devices you are going to connect them to, how you are going to interact with other devices and avoid networks that may be insecure or problematic. You have been able to see that through Bluetooth they could also put your security at risk.
In short, simply with a Flipper Zero device, they could flood your iPhone with SPAM. This could even be a security issue. We recommend that you always keep everything up-to-date and reduce the risk of attacks. For example, you should avoid Bluejacking.
