Researchers at ERNW, a German cybersecurity company, discovered a critical vulnerability in versions 8 and 9 of the Android operating system. Through CVE-2020-0022, known as BlueFrag, hackers can remotely access victims' devices via Bluetooth connections. Experts reported the security flaw Google, which already fixed it in the February security update for Android.
According to ERNW experts, cybercriminals take advantage of the security breach to act silently in situations close to the most vulnerable equipment. To attack the victims, hackers do not need to interact with the user, they only need the MAC address of Bluetooth of the device in question.
The vulnerability could allow data theft from the most unsuspecting users, as well as infecting the system with malicious software. Although ERNW indicates that BlueFrag is mainly present in Android versions 8 and 9, the company is still checking whether the failure affects older systems. For now, version 10 is immune to vulnerability, since it cannot be exploited in this Operating System.
In order to prevent your smartphone or tablet from being attacked and that the data is not compromised, ERNW recommends extra attention and care. The company indicates that users should not forget about Google's security updates, especially the most recent. If the version of the equipment's operating system is no longer supported, ERNW recommends turning on Bluetooth only when this is strictly necessary. In addition, users should not make their device visible to everyone.