New 'Spectra' attack breaks the separation between Wi-Fi and Bluetooth

Spectra
Image: Jiska Classen

Academics from Germany and Italy say they developed a new practical attack that breaks the separation between Wi-Fi and Bluetooth technologies running on the same device, such as laptops, smartphones, and tablets.

Called Spectra, this attack works against “combo chips,” specialized chips that handle multiple types of radio wave-based wireless communications, such as Wi-Fi, Bluetooth, LTE, and others.

“Spectra, a new vulnerability class, relies on the fact that transmissions happen in the same spectrum, and wireless chips need to arbitrate the channel access,” the research team said today in a short abstract detailing an upcoming Black Hat talk.

More particularly, the Spectra attack takes advantage of the coexistence mechanisms that chipset vendors include with their devices. Combo chips use these mechanisms to switch between wireless technologies at a rapid pace.

Researchers say that while these coexistence mechanisms increase performance, they also provide the opportunity to carry out side-channel attacks and allow an attacker to infer details from other wireless technologies the combo chip supports.

Jiska Classen, from the Darmstadt Technical University, and Francesco Gringoli, from the University of Brescia, say they are the first research team to explore the possibility of breaking this coexistence barrier on combo chips.

“We specifically analyze Broadcom and Cypress combo chips, which are in hundreds of millions of devices, such as all iPhones, MacBooks, and the Samsung Galaxy S series,” the two said.

“We exploit coexistence in Broadcom and Cypress chips and break the separation between Wi-Fi and Bluetooth, which operate on separate ARM cores.”

Exploiting Spectra requires attacking a combo chip with malformed wireless traffic, and then attacking the chip interface between the two technologies.

Results vary, but the research team says that certain scenarios are possible following a Spectra attack.

“In general, denial-of-service on spectrum access is possible. The associated packet meta information allows information disclosure, such as extracting Bluetooth keyboard press timings within the Wi-Fi D11 core,” Classen and Gringoli say.

“Moreover, we identify a shared RAM region, which allows code execution via Bluetooth in Wi-Fi. This makes Bluetooth remote code execution attacks equivalent to Wi-Fi remote code execution, thus, tremendously increasing the attack surface.

Furthermore, even if researchers analyzed only Broadcom and Cypress chips for their work, Classen and Gringoli say that other combo chipset manufacturers are most likely vulnerable to Spectra attacks as well.

Additional technical details about the attack have not yet been made public. The research team plans to provide a technical rundown during a virtual session at the Black Hat security conference in August.

An academic paper detailing the Spectra attack in greater depth will also be made available at the same time, in August.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews



bitcoin
Bitcoin (BTC) $ 66,185.00
ethereum
Ethereum (ETH) $ 4,302.36
binance-coin
Binance Coin (BNB) $ 495.94
cardano
Cardano (ADA) $ 2.29
tether
Tether (USDT) $ 1.00
solana
Solana (SOL) $ 191.67
xrp
XRP (XRP) $ 1.16
polkadot
Polkadot (DOT) $ 44.34
dogecoin
Dogecoin (DOGE) $ 0.255877
usd-coin
USD Coin (USDC) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 66,185.00
ethereumEthereum (ETH)
$ 4,302.36
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 651.37
litecoinLitecoin (LTC)
$ 210.12
bitcoinBitcoin (BTC)
56.804,93
ethereumEthereum (ETH)
3.692,61
tetherTether (USDT)
0,858275
bitcoin-cashBitcoin Cash (BCH)
559,05
litecoinLitecoin (LTC)
180,34
bitcoinBitcoin (BTC)
48,028.80
ethereumEthereum (ETH)
3,122.12
tetherTether (USDT)
0.725675
bitcoin-cashBitcoin Cash (BCH)
472.68
litecoinLitecoin (LTC)
152.48

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Behind The Scenes: How this Crypto Community Responded to + $50m Hack
October 18, 2021
Crypto Scams
Crypto Scams Still Persistent In 2021, SEC Warns About Red Flags To Watch
September 9, 2021
Poly Network
Here’s How Hackers Stole Over $600 million in the Poly Network Attack
August 12, 2021
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021

Blockchain/Cryptocurrency Questions and Answers

ICo Presale
The Science Behind ICO Presales…
October 14, 2021
Beginner’s Guide to Investing in Cryptocurrency
August 9, 2021
Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin65,821 0.91 % 3.14 % 14.50 %
Ethereum4,310.5 0.50 % 11.76 % 19.55 %
Binance Coin494.04 0.52 % 1.73 % 5.21 %
Cardano2.290 0.31 % 7.52 % 4.48 %
Tether0.9986 0.03 % 0.08 % 0.23 %
Solana191.28 0.01 % 20.86 % 28.90 %
XRP1.150 0.22 % 4.25 % 2.33 %
Polkadot30.87 2.19 % 17.29 % 10.73 %
Dogecoin0.2566 0.23 % 5.14 % 10.23 %
USD Coin1.000 0.14 % 0.20 % 0.17 %

bitcoin
Bitcoin (BTC) $ 66,185.00
ethereum
Ethereum (ETH) $ 4,302.36
binance-coin
Binance Coin (BNB) $ 495.94
cardano
Cardano (ADA) $ 2.29
tether
Tether (USDT) $ 1.00
solana
Solana (SOL) $ 191.67
xrp
XRP (XRP) $ 1.16
polkadot
Polkadot (DOT) $ 44.34
dogecoin
Dogecoin (DOGE) $ 0.255877
usd-coin
USD Coin (USDC) $ 1.00