Dare to Wear? to be Hacked in 10 Seconds!
The Whack: That sweet smile may be described as euphoric at best for someone who loves technology and be able to experience the latest. But a vulnerability has been found to be exposed on FitBit fitness trackers that make use of Bluetooth ports to infect the wearable device with malware such as Trojans and then pass on to other computers that get connected with the device.
What is amazing about this exploit is that it can happen as someone with a sniffer tool sits next to you as you take a breath. It takes all of a few seconds to transfer the malicious code to your wearable device. Once the malicious code is into the device, the attacker need not be present in the vicinity as the code replicates and re-codes itself into the malware such as a Trojan without any other external assistance. The following video from Apvrille, a respected malware researcher offers an insight into how the exploit works.
Though the company that develops the Fitness Tracker device claims there is no inherent vulnerability in their devices and the vulnerability highlighted is only a proof of concept not an actual exploit, nevertheless the fact that this can be done is concern enough to warrant serious attention. Imagine, if the infection can spread from the tracker to a health monitoring device or one protecting your heart.
The Whack: Bluetooth is inherently vulnerable and there is dire need to replace this communication technology with something that cannot be exploited. Secondly, device manufacturers need to get certified that their devices are thoroughly test for all forms of existing vulnerabilities based on an Internationally acceptable standard with penalties for breaching the same.
Technology buffs need to not just look at the coolness of the latest technology offering but also at the security aspect and that requires them to be aware of security issues.
Source: Google Image Search