The Whack: That sweet smile may be described as euphoric at best for someone who loves technology and be able to experience the latest. But a vulnerability has been found to be exposed on FitBit fitness trackers that make use of Bluetooth ports to infect the wearable device with malware such as Trojans and then pass on to other computers that get connected with the device.

What is amazing about this exploit is that it can happen as someone with a sniffer tool sits next to you as you take a breath. It takes all of a few seconds to transfer the malicious code to your wearable device. Once the malicious code is into the device, the attacker need not be present in the vicinity as the code replicates and re-codes itself into the malware such as a Trojan without any other external assistance. The following video from Apvrille, a respected malware researcher offers an insight into how the exploit works.

Fitbit

Though the company that develops the Fitness Tracker device claims there is no inherent vulnerability in their devices and the vulnerability highlighted is only a proof of concept not an actual exploit, nevertheless the fact that this can be done is concern enough to warrant serious attention. Imagine, if the infection can spread from the tracker to a health monitoring device or one protecting your heart.

The Whack: Bluetooth is inherently vulnerable and there is dire need to replace this communication technology with something that cannot be exploited. Secondly, device manufacturers need to get certified that their devices are thoroughly test for all forms of existing vulnerabilities based on an Internationally acceptable standard with penalties for breaching the same.

Technology buffs need to not just look at the coolness of the latest technology offering but also at the security aspect and that requires them to be aware of security issues.

Source: Google Image Search

About The Author

"Founded in July, 2016, WhackHack.com is a cyber security blog that covers important security issues affecting common users, industry and governments. It aims to create awareness among its readers about malware, hacking, encryption, identity theft, privacy, etc and also offer solutions to protect themselves from such attacks"

1 Comment

  1. […] one is Ransomware for medical devices and wearable gadgets. Whackhack had posted an article titled Dare to Wear? To be Hacked in 10 Seconds! on how easily malware can be upload to a wearable device. With more and more people opting for […]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

20 − three =

Close