A team of researchers has discovered a critical vulnerability in Google’s Fast Pair technology that allows attackers to track a victim’s location by hacking their headphones or speakers.
As first reported by Wired, the flaw was discovered by researchers at Belgium’s KU Leuven University, who dubbed it WhisperPair. It affects Bluetooth headphones from a range of brands that support Fast Pair, including Sony, Google, OnePlus, Nothing, Xiaomi, Marshall, Anker, Jabra, and Harman. (See the list below.)
The flaw lies in how some brands have implemented the Fast Pair protocol. To start pairing, a phone or laptop sends a message to the headphones. If they are not in pairing mode, they should reject the request. However, researchers found that vulnerable devices fail to reject these requests, allowing unauthorized parties to complete the pairing process without the user’s consent.
To carry out the WhisperPair attack, a hacker needs just about 10 seconds within 14 meters of the Bluetooth device. Once they gain access, they have full control of it. They can turn up the volume, change tracks, or even record a conversation. What’s worse, if the earbuds support Google’s Find Hub network, they can also track the user’s location.
The researchers shared their findings with Google in August, received a $15,000 bounty, and published their study after a 150-day non-disclosure window.
Google has confirmed that the flaw was due to improper implementation and said that it recommended fixes to manufacturers in September. “We worked with these researchers to fix these vulnerabilities, and we have not seen evidence of any exploitation outside of this report’s lab setting,” a company spokesperson tells Engadget.
Both Google and the researchers recommend that at-risk users install the latest firmware update for their audio devices. “The only way to prevent WhisperPair attacks is by performing a software update,” the researchers say.
Which Earbuds and Headphones Are At Risk?
Researchers have provided a list of at-risk models. The ones below are labeled as “vulnerable” by the team and should be updated. The process for updating firmware varies by brand; check your device’s instruction manual for more details.

Several more devices are not vulnerable to WhisperPair, but researchers still recommend keeping them up to date: Sonos Ace, Audio-Technica ATH-M20xBT, JBL Flip 6, Jabra Speak2 55 UC, Bose QC Ultra Headphones, Poly VFree 60 Series, Beosound A1 2nd Gen, and Beats Solo Buds.
Earbuds
Headphones
About Our Expert
Jibin is a tech news writer based out of Ahmedabad, India. Previously, he served as the editor of iGeeksBlog and is a self-proclaimed tech enthusiast who loves breaking down complex information for a broader audience.
