This security researcher fooled an at-home COVID-19 test using a Bluetooth hack

A security researcher was able to change the results of an at-home COVID test and get those results certified by intercepting and modifying Bluetooth traffic from the device before it reached the app. The researcher, Ken Gannon, found the flaw in Ellume’s nasal swab test, which is designed to analyze and transmit data to a companion app which displays and saves the results. According to a press release from F-Secure, the security company Gannon consults for, Ellume has now fixed the issue.

The process of falsifying results wasn’t a simple one — according to F-Secure’s writeup, the researcher used a rooted Android device to tap into and analyze the data the tester was sending to the app. From there, Gannon was able to determine how the...

Continue reading…