Experts hacked Bluetooth test for COVID-19

Researchers at F-Secure hacked a home Bluetooth COVID-19 test and were able to fake the test result.

For testing, the experts took the Ellume COVID-19 Home Test device, which uses an analyzer that connects to a smartphone via Bluetooth and works in tandem with the corresponding companion application.

During tests, the researchers noticed the activity com.ellumehealth.homecovid.android/com.gsk.itreat.activities.BluetoothDebugActivity. It turned out that users with root access can run it to “help interact with the analyser via Bluetooth.”

Further investigation revealed two types of Bluetooth traffic associated with the transmission of test results. The researchers write that they were able to interfere with the traffic as follows:

Changing only one byte value in the status of the test [test value] in STATUS and MEASUREMENT_CONTROL_DATA traffic, and then calculating new CRC and checksum values, could change the test result to COVID even before the Ellume application processes the data.

Worse, the falsified data supplied via Ellume was successfully accepted by Azova, which certifies COVID test results so that travellers can enter the United States.

The F-Secure report also details how one of the company’s employees used the Ellume device to check for COVID. The test turned out negative, but the experts applied the aforementioned methods to change the result.

Researchers from F-Secure shared their best practices on GitHub.

Fortunately, the problem has now been fixed. The specialists notified the Ellume developers of their findings, and they made changes to their product. In particular, additional obfuscation and OS checks were introduced in the Android application, and now additional analysis of test results is being carried out, which is designed to identify fake data.

“Ellume has updated the system to detect and prevent the transmission of falsified results. In addition, we have reviewed all test results made to date and confirm that the other results were not affected by the error. We will provide a verification portal that will allow authorities (including health departments, employers, schools, event organizers, and so on) to verify the authenticity of Ellume’s COVID-19 home test,” the developers said.
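The one-byte change described above works because a CRC or checksum only detects accidental corruption: anyone who can edit a frame can recompute it. The following is an added example, not code from F-Secure or Ellume, contrasting a CRC-only check with a keyed HMAC check on a backend; the frame layout, device key and function names are constructed assumptions and do not reflect the real protocol.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed frame layout (an assumption, NOT the Ellume wire format):
#   1 byte message type | 1 byte test value | 4 byte sample id | 4 byte CRC-32
NEGATIVE, POSITIVE = 0x00, 0x01
DEVICE_KEY = b"constructed-per-device-secret"  # hypothetical key held in the analyser
FRAME_LEN, TAG_LEN = 10, 32


def build_frame(test_value: int, sample_id: int) -> bytes:
    body = struct.pack(">BBI", 0x10, test_value, sample_id)
    return body + struct.pack(">I", zlib.crc32(body))


def crc_ok(frame: bytes) -> bool:
    """Integrity only: whoever can edit the body can also recompute the CRC."""
    body, (crc,) = frame[:-4], struct.unpack(">I", frame[-4:])
    return zlib.crc32(body) == crc


def sign_frame(frame: bytes, key: bytes = DEVICE_KEY) -> bytes:
    """Analyser side: append an HMAC-SHA256 tag computed over the whole frame."""
    return frame + hmac.new(key, frame, hashlib.sha256).digest()


def verify_signed(signed: bytes, key: bytes = DEVICE_KEY) -> bool:
    """Backend side: accept a result only if the tag matches the device key."""
    if len(signed) != FRAME_LEN + TAG_LEN:
        return False
    frame, tag = signed[:-TAG_LEN], signed[-TAG_LEN:]
    expected = hmac.new(key, frame, hashlib.sha256).digest()
    return crc_ok(frame) and hmac.compare_digest(tag, expected)


def constructed_altered_frame(signed: bytes) -> bytes:
    """Constructed test input: value byte changed, CRC recomputed, old tag kept."""
    frame, tag = signed[:-TAG_LEN], signed[-TAG_LEN:]
    (sample_id,) = struct.unpack(">I", frame[2:6])
    return build_frame(POSITIVE, sample_id) + tag


if __name__ == "__main__":
    genuine = sign_frame(build_frame(NEGATIVE, 1234))
    altered = constructed_altered_frame(genuine)
    print("CRC accepts altered frame: ", crc_ok(altered[:-TAG_LEN]))
    print("HMAC accepts altered frame:", verify_signed(altered))
```

A keyed check of this kind only helps if the key stays inside the analyser and verification happens on the backend, because a rooted phone can read anything the companion app holds.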

Let me remind you that I also talked about various fraudulent operations speculating on the COVID-19 topic. For example, that fake COVID-19 contact tracking apps install banking trojans, and that cybercriminals attacked UCSF, the leading US COVID-19 vaccine developer. In addition, Qatar obliged citizens to install “spyware” for containing the COVID-19 pandemic.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advice and tips on GridinSoft's products. He's available 24/7 to assist you with any question regarding internet security.
