A security researcher has developed a method by which one can exploit a vulnerability in FitBit fitness trackers and subsequently deliver malware to the target device in 10 seconds.
Axelle Apvrille (@cryptax), a malware researcher at network security firm Fortinet, has found that FitBit wearables leave their Bluetooth ports open, a property which could enable an attacker within a few meters to connect to the device and deliver malware to the bracelet.
The hack takes about 10 seconds to complete and requires a minute to verify. Once the malware has been delivered, any device (laptop, PC, or otherwise) that connects to the wearable can be infected with a backdoor, trojan, or other malicious software program.
“An attacker sends an infected packet to a fitness tracker nearby at Bluetooth distance, then the rest of the attack occurs by itself, without any special need for the attacker being near,” Apvrille told The Register. “[When] the victim wishes to synchronise his or her fitness data with FitBit servers to update their profile … the fitness tracker responds to the query, but in addition to the standard message, the response is tainted with the infected code. From there, it can deliver a specific malicious payload on the laptop, that is, start a backdoor, or have the machine crash [and] can propagate the infection to other trackers (Fitbits).”
This is reportedly the first time malware has been delivered to a fitness tracker.
A proof-of-concept video of the hack can be viewed here.
Additionally, Apvrille will present her research on Wednesday at this year’s Hack.lu conference. She warned FitBit about the vulnerability back in March of this year, and the company expects it will be patched at some point.