Flipper Zero Can Now Spam Android, Windows Users with Bluetooth Alerts

26/10/2023
Stacy Cook
3 Min Read
26/10/2023

The Flipper Zero, a popular multi-tool for hackers and tinkerers, can now be used to spam Android and Windows users with Bluetooth alerts. This is thanks to a new feature added to a custom Flipper Zero firmware called Xtreme.

Key Highlights:

  • A custom Flipper Zero firmware called Xtreme has added a new feature to perform Bluetooth spam attacks on Android and Windows devices.
  • The attacker spoofs advertising packets and transmits them to devices in range of pairing and connection requests.
  • These attacks are more of an annoyance rather than a real threat, but they can be used for social engineering or other threat scenarios.
  • Android and Windows users can block these notifications by going to their device settings.

flipper zero 01

The attacker spoofs advertising packets and transmits them to devices in range of pairing and connection requests. These packets can be customized to display any message the attacker wants, such as a phishing link or a fake notification from a popular app.

While these attacks are more of an annoyance than a real threat, they can be used for social engineering or other threat scenarios. For example, an attacker could use Bluetooth spam to trick users into clicking on a malicious link or downloading a malware-infected app.

Android and Windows users can block these notifications by going to their device settings and disabling Bluetooth connection requests.

Security researchers warn that the Flipper Zero Bluetooth spam attack could be used in conjunction with other social engineering techniques to launch more sophisticated attacks. For example, an attacker could send a Bluetooth spam notification that looks like it’s from a legitimate app, such as a bank or social media platform. If the user clicks on the notification, they could be taken to a fake website that looks like the real app, but is actually controlled by the attacker.

How to block Bluetooth spam attacks on Android:

  1. Go to Settings.
  2. Tap on Google.
  3. Tap on Nearby Share.
  4. Toggle off the switch next to Show notification.

How to block Bluetooth spam attacks on Windows:

  1. Go to Settings.
  2. Click on Bluetooth and devices.
  3. Under More Bluetooth settings, click on Advanced options.
  4. Under Show notifications for, uncheck the box next to Show notifications for new Bluetooth devices.

The Flipper Zero is a powerful tool that can be used for both good and bad purposes. It is important to be aware of the potential security risks associated with using the Flipper Zero, and to take steps to protect yourself from malicious attacks.

Tags

About the author

View All Posts

Stacy Cook

Stacy is a certified ethical hacker and has a degree in Information Security. She keeps an eye on the latest cybersecurity threats and solutions, helping our readers stay safe online. Stacy is also a mentor for young women in tech and advocates for cybersecurity education.