The new vulnerability affects over a billion Android and Windows devices

Cybersecurity researchers have identified a new vulnerability that is present on devices with Bluetooth modules. According to the source, this security issue threatens more than a billion devices running Android and Windows. The malware is available in the firmware of Bluetooth chips from Qualcomm, Silicon Labs, Intel, and others.

The vulnerability is present in the firmware of eleven manufacturers of Bluetooth modules. Experts call the exploit itself BrakTooth, and so far only three vendors have released fixes to protect against future hacks: BluTrum, Expressif, and Infineon. Others, including Intel and Qualcomm, have yet to solve this problem.

In addition, since jailbreaking requires Bluetooth to be enabled on the device, users are advised to disable Bluetooth as a reliable precaution until all firmware patches are released by the respective manufacturers.

Known products with vulnerability (only some models are listed):

• smartphones - Pocophone F1, Oppo Reno 5G and others;

• Dell laptops - Optiplex, Alienware and others;

• Microsoft Surface devices - Surface Go 2, Surface Pro 7, Surface Book 3, and more.

Many hackers have already used this method to gain illegal access to Bluetooth-enabled devices in order to eavesdrop, steal data, infect with malware, or even take full control of the device.

Full technical details and explanations of all 16 vulnerabilities can be found on the dedicated BrakTooth website, where they are numbered V1 through V16. The researchers claim that all 11 vendors were notified of these security issues months ago, well before they published their research findings.