"Researchers Found Another Way to Hack Android Cellphones via Bluetooth"
Security researchers at DBAPPSecurity have discovered an authentication bypass vulnerability, dubbed “BlueRepli.” An adversary can bypass authentication by imitating a device that has previously been connected with a target. Victims do not need to give permission to a device for the exploit to work. The exploit makes it so that the victim has no awareness at all when attackers access their phone book or SMS messages. If the vulnerability is exploited, attackers can steal users’ contacts, call logs, and short messages. The vulnerability also allows adversaries to send fake text messages from victim devices if they exploit any device made by one particular Android manufacturer.
CyberScoop reports: "Researchers Found Another Way to Hack Android Cellphones via Bluetooth"