There’s a major Android Bluetooth security flaw. Here’s how to fix it

Looks like it’s time to check if you have an Android security update available to your phone. A new security flaw has been discovered in Android — and this time, it uses Bluetooth to allow access to your phone.

The flaw, called BlueFrag, takes advantage of Bluetooth in Android 8 and 9, and it basically allows hackers to execute code on your device. The result? Hackers can fully access anything stored on your phone, and install malware without your knowledge.

Of course, this sounds a little scarier than it actually is. Because it uses Bluetooth, would-be attackers have to be within Bluetooth range of your phone, which is around 33 feet. Hackers also need to know your device’s Bluetooth MAC address — though that address is relatively easy to figure out.

Still, the flaw isn’t something you would want to be vulnerable to — and thankfully, there are ways to guard against it. The February 2020 security patch comes with a fix to the flaw, and devices running Android 10 are already safe.

And don’t assume that you’re safe if you’re running a version of Android older than Android 8. The researchers who discovered the bug said that they tested it only on devices running Android 8 or later, so older versions have not been ruled out and it’s entirely possible that the flaw can be found in them too. The flaw itself does exist in Android 10, but thanks to changes in how Android implements Bluetooth, it’s not exploitable. Still, it’s worth keeping up with security updates as they’re made available.

Of course, not everyone will be able to install the February 2020 security patch or the latest version of Android because of how old their phone is — and if that’s you, and you’re worried about this hack, then you may want to limit your Bluetooth use. You could, for example, try to turn Bluetooth off whenever you’re not actually using it, or switch to wired headphones and other devices instead.

While it’s always a good idea to protect yourself as much as possible from exploits like this, it’s currently unclear how many hackers are actually working to take advantage of the flaw — and we’re betting the number is pretty low.

Christian de Looper