After performing an information security audit, Google revealed a security flaw in Titan, its Bluetooth security key, which would allow an attacker located near the device to bypass the protection that this tool provides. Google announced that it would replace the users’ faulty security keys.
The specialists determined that the flaw stems from a misconfiguration in the Bluetooth pairing protocol of the Titan devices. According to the experts who conducted the information security audit, this vulnerability affects all Bluetooth security keys, which are sold at an average cost of $50 each.
To exploit this vulnerability, a hacker would have to be physically close to the security key (about 10 meters, the Bluetooth range). An attacker who is near the victim can abuse the misconfigured protocol to connect their own device to the security key before the victim's device connects to log in to a compromised account.
In addition, before the security key can be used, it must be paired with the user’s device, as if it were a pair of headphones. Threat actors could exploit this pairing step by disguising their own device as a security key so that it connects to the victim’s device when the key button is pressed.
It is important to note that this entire process must take place at the very moment when the security key is connected to a device. In addition, the attacker must know the victim’s access credentials, which increases the complexity of the attack, according to the experts who conducted the information security audit.
The company says that this flaw does not interfere with the primary function of the Titan security key, which is to protect users against phishing attacks, and invites users to continue using their device until Google sends them a replacement.
According to specialists from the International Institute of Cyber Security (IICS), it is much safer to use a key with a Bluetooth protocol issue than not to use any security tools.