October 25, 2023 at 02:56PM
A custom Flipper Zero firmware called ‘Xtreme’ allows for Bluetooth spam attacks on Android and Windows devices. The firmware incorporates a new app called ‘BLE Spam’ that can flood devices with connection notifications. While it is more of an annoyance than a threat, users can block these notifications on Android and Windows devices to avoid the disruption.
From the meeting notes, it appears that a custom firmware called ‘Xtreme’ for the Flipper Zero device has introduced a new feature that enables Bluetooth spam attacks on Android and Windows devices. This feature allows the device to spoof advertising packets and transmit them to devices in range, confusing the target and potentially disrupting the user experience with constant notifications.
The Xtreme firmware has not yet reached stable status, but a demo video on the Flipper Xtreme Discord channel showcases a denial of service attack on a Samsung Galaxy device. The attack renders the device unusable due to a continuous feed of connection notifications.
To carry out these spam attacks, the Flipper Zero device utilizes an app called ‘BLE Spam,’ which is available on GitHub. The app provides various flood attack options, and selecting any of them causes the Flipper Zero to broadcast corresponding Bluetooth packets to devices nearby, resulting in pop-up connectivity prompts and notifications.
Although these attacks are primarily an annoyance rather than a serious threat, they could be potentially used in social engineering or other threat scenarios due to the ability to craft custom notifications.
To block these spam attacks, there are simple steps that users can follow on Android and Windows devices. On Android, users can go to Settings → Google → Nearby Share or Settings → Connected Devices → Connection preferences → Nearby Share and turn off the “Show notification” toggle. On Windows, users can go to Settings → Bluetooth & devices → Devices → Device settings and turn off the “Show notifications to connect using Swift Pair” toggle.
It’s important to note that these spam attacks cannot execute code on recipient devices or directly cause harm. However, awareness of the potential for phishing is crucial, and knowing how to stop the notifications can save time and frustration in cases of persistent pranking.