Flipper Zero Adapted for Bluetooth Spam on Android and Windows Devices

The alternative Xtreme firmware for Flipper Zero has introduced a new feature that enables Bluetooth attacks on devices running Android and Windows. Previously, a cybersecurity researcher demonstrated similar Bluetooth spam attacks on iOS devices, which inspired enthusiasts to experiment with other platforms.

In September 2023, a security specialist known as Techryptic showed that it’s possible to disrupt iPhone operation using Flipper Zero by sending numerous fake Bluetooth device connection messages.

How the Attack Works

Apple devices that support Bluetooth Low Energy (BLE) use advertising packets (ADV packets) to announce their presence to other devices. These ADV packets are widely used in the Apple ecosystem for data exchange via AirDrop, connecting Apple Watch or Apple TV, activating Handoff, and many other scenarios.

Flipper Zero can spoof these ADV packets and transmit them via BLE. As a result, nearby BLE-enabled devices interpret these packets as connection requests. This feature can be used to send a victim multiple fake requests, making it harder to recognize legitimate devices, imitating trusted devices for phishing attacks, and more.

New Features in Xtreme Firmware

The Xtreme firmware developers announced on Discord that such “spam attacks” will be included in the next firmware release. They shared a demo video showing a denial-of-service (DoS) attack on a Samsung Galaxy device: a constant stream of connection notifications makes the device nearly unusable.

Although the new firmware is not yet stable, the spam attack functionality is already available in the latest development build on GitHub through a new app called BLE Spam. YouTuber Talking Sasquach has already tested the new firmware on his Flipper Zero and demonstrated that the attack works against both Windows and Android devices.

Available Attack Options

Currently, BLE Spam offers users eight attack options, including:

• iOS 17 Lockup Crash
• Apple Action Modal
• Apple Device Popup
• Android Device Pair
• Windows Device Found
• All methods at once

After selecting an attack type, Flipper Zero starts transmitting the corresponding Bluetooth packets, causing pop-ups and notifications to appear on devices within range.

Potential Impact and Mitigation

Overall, these attacks do not pose a significant real-world threat but can be highly annoying. BLE Spam also allows users to create custom notifications, making attacks more sophisticated and potentially useful for social engineering.

By default, devices running Android 14 and Windows 11 display notifications for Bluetooth connection requests, but these can be easily disabled in the settings:

• On Android: Go to Settings > Connected Devices > Connection preferences > Nearby Share and disable the feature.
• On Windows: Go to Settings > Bluetooth & devices > Devices, scroll down to Device settings, and toggle Show notifications to connect using Swift Pair to Off.