These Android users may be at risk, here’s why

NEW DELHI: If you are using an Android smartphone that is not running on the latest version of the operating system then you will have a reason to worry. According to security researchers at ERNW, a new vulnerability called BlueFrag has been found which allows attackers to silently deliver malware to steal data from nearby smartphones.

This bug is affecting the devices running on Android 8.0 Oreo or Android 9.0 Pie. To launch the attack, the hacker needs to know the Bluetooth MAC address of the target. For some devices, the Bluetooth MAC address can be deduced from the WiFi MAC address. This vulnerability can lead to theft of personal data and could potentially be used to spread malware, ERNW said.

The Android 10 users need not worry as the vulnerability doesn't affect them. The researchers also add that the smartphone running on the Android version older than Oreo might also be affected by the malware.

The researchers said that users can protect themselves by installing the latest security patch which is of February 2020. In case your smartphone is not eligible for the update, then you are advised to enable Bluetooth only when it is necessary. Also, it is advised to keep your device non-discoverable. ERNW, also said, "most devices are only discoverable if you enter the Bluetooth scanning menu. Nevertheless, some older phones might be discoverable permanently."

Recently, Google announced it has paid $6.5 million in rewards, around Rs 46.4 crore, to hackers in 2019 to keep the internet safe. As part of the Vulnerability Reward Programs (VRPs), hackers were paid to find security flaws and bugs in Google products which includes Chrome and Android to keep end users safe.