
Flipper Zero Bluetooth spam attacks ported to new Android app




Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to carry out these annoying spam alerts.

Inspired by previous research on the subject and Flipper Zero applets targeting iOS devices, and later Android and Windows, software developer Simon Dankelmann created an Android app capable of the same Bluetooth spam.

The Android app, named ‘Bluetooth-LE-Spam,’ can generate BLE (Bluetooth Low Energy) advertisement packets spoofing various devices to nearby Windows and Android devices, eliminating the need for a Flipper Zero.

The project is still in early development, but BleepingComputer’s tests confirmed that it works as advertised.

Specifically, the app can broadcast connection requests at set time intervals as frequent as 1 second, targeting ‘Fast Pair’ on Android or ‘Swift Pair’ on Windows.
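As an added example (not part of the original article or of the Bluetooth-LE-Spam project), the following Python code shows how a defender could flag this kind of burst in captured BLE advertisements. The Fast Pair service UUID, the Microsoft company ID and the beacon type come from the public specifications rather than from the article; the capture tuple format, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Values from the public Fast Pair and Swift Pair specifications, not from the article.
FAST_PAIR_UUID = 0xFE2C     # 16-bit service UUID carried in Service Data (AD type 0x16)
MICROSOFT_CID = 0x0006      # company ID in Manufacturer Specific Data (AD type 0xFF)
SWIFT_PAIR_BEACON = 0x03    # Microsoft beacon type that triggers Swift Pair

def parse_ad(payload):
    """Split a BLE advertising payload into (ad_type, data) structures."""
    out, i = [], 0
    while i < len(payload):
        length = payload[i]
        if length == 0 or i + 1 + length > len(payload):
            break               # padding or truncated structure: keep what parsed
        out.append((payload[i + 1], payload[i + 2:i + 1 + length]))
        i += 1 + length
    return out

def classify(payload):
    """Return 'fast_pair', 'swift_pair' or None for one advertising payload."""
    for ad_type, data in parse_ad(payload):
        head = int.from_bytes(data[:2], "little") if len(data) >= 2 else None
        if ad_type == 0x16 and head == FAST_PAIR_UUID:
            return "fast_pair"
        if ad_type == 0xFF and head == MICROSOFT_CID and data[2:3] == bytes([SWIFT_PAIR_BEACON]):
            return "swift_pair"
    return None

def detect_spam(observations, window_s=10.0, max_offers=3):
    """Alert when > max_offers distinct (address, payload) offers of one kind fall in window_s."""
    recent, alerts = defaultdict(deque), []
    for ts, addr, payload in sorted(observations, key=lambda o: o[0]):
        kind = classify(payload)
        if kind is None:
            continue
        q = recent[kind]
        q.append((ts, (addr, payload)))
        while ts - q[0][0] > window_s:      # q always holds the current observation
            q.popleft()
        distinct = len({ident for _, ident in q})
        if distinct > max_offers:           # assumed threshold, tune per environment
            alerts.append((ts, kind, distinct))
    return alerts

# Constructed sample: one headset in pairing mode, then a burst of changing offers.
def fast_pair_adv(model_id):
    return bytes.fromhex("020106" "06162cfe") + model_id.to_bytes(3, "big")
SAMPLE = [(t, "AA:AA:AA:AA:AA:01", fast_pair_adv(0x000001)) for t in range(0, 5)]
SAMPLE += [(20 + n, f"C0:00:00:00:00:{n:02X}", fast_pair_adv(0x100 + n)) for n in range(6)]
```

A single device repeating the same pairing advertisement never trips the alert; only a run of distinct offers inside the window does, which is the pattern the 1-second spoofed broadcasts produce.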

Generating spammy Bluetooth broadcasts

One thing to note is that although the Android API allows setting the transmission (TX) power level, developers have limited control over the actual data being broadcast in relation to the TX power level.

This constraint of the Android SDK can result in poor reception by the target devices, which isn’t a problem on Flipper Zero, which can achieve a more extended and precise range when connecting to other devices.

In our tests, we found that some broadcasts were caught by the target only if the Android device generating them was as close as a few centimeters. In contrast, in other cases, notifications were generated from several meters away.

Windows 11 notification generated by the app

An interesting side effect we noticed is that Bluetooth-connected devices like mice and keyboards can become unresponsive during spam broadcasts. This is another way of creating disruptive “denial of service” attacks on a target.

For now, the app stands as a demonstration of a risk rather than a severe threat to users, but knowing how to turn off these notifications in the event you’re targeted is good.

On Android, head to Settings → Google → Nearby Share, and turn the toggle on Show notification to the “Off” position.

On Windows, open Settings, select ‘Bluetooth & devices’ from the menu on the left, then click on ‘Devices,’ scroll down to ‘Device settings,’ and turn the ‘Show notifications to connect using Swift Pair’ toggle to the ‘Off’ position.

We recommend against testing the ‘Bluetooth-LE-Spam’ app on your main device for security reasons, as BleepingComputer cannot provide any guarantees that the project is safe.


