Your earphones may be spying on you through this new Bluetooth attack: How to stay safe

Wireless earphones and speakers have become part of daily life. People use them while walking, working, or travelling. But a new security finding shows that these handy gadgets can also open the door to silent spying. Researchers have uncovered a Bluetooth-based attack that lets nearby attackers take over popular audio devices without the owner knowing. The risk affects many well-known brands and can even reach people who do not use Android phones. The attack works quickly and needs only short-distance access. Once it happens, the attacker can listen, play sounds, or track movement. This discovery has raised fresh concerns about everyday digital safety and how simple habits can reduce exposure for families, commuters, and remote workers worldwide.

What is the WhisperPair Bluetooth attack?

WhisperPair attack is a recently identified Bluetooth vulnerability that targets the device pairing process when using the functionality. The attack is said to take advantage of weak security checks used when two Bluetooth devices connect. An attacker within a range of 50 metres can monitor or interfere with the pairing signals and pose as a trusted device, often without alerting the user. Experts say that the risk is higher for smart devices, wearables, and Internet of Things (IoT) products that rely on basic Bluetooth pairing methods.

Also read: Elon Musk tells people to avoid ChatGPT citing emotional harm fears, Sam Altman responds

What hackers can do after gaining control of your audio devices

Once an attacker gets access, the risk is more than just annoying sounds. They can play their own music, interrupt your calls, or use the device’s microphone to listen to you. This means your private conversations could be overheard. In some cases, attackers can also track your location by how the device connects. Because of this, even simple headphones can be risky to use, especially in public places like roads, cafes, or trains.

Also read: OpenAI begins testing ads in ChatGPT, pitches chatbot promotions to select brands

How WhisperPair exploits Google Fast Pair and affects popular devices

The attack takes advantage of Google Fast Pair, a feature made to help devices connect quickly and easily. Fast Pair is used by many brands to improve user experience. Researchers found that this system has weaknesses that can be misused. Because of this, audio devices from brands like OnePlus, Xiaomi, Nothing, JBL, Sony, and Marshall are affected. The problem is not limited to Android users. Even iPhone users can be exposed if their audio device supports Fast Pair. This makes the issue wider than many people expect.

Also read: Motorola Signature India price and specifications leaked ahead of launch: Here’s what you can expect

How to stay safe from WhisperPair and Bluetooth-based cyber attacks

Users can stay safe from WhisperPair and Bluetooth-based cyberattacks by following the below-mentioned:

• Turn off the Bluetooth functionality when not using the wireless connectivity.
• Avoid pairing new Bluetooth devices like the headphones or speakers when you’re in a public place.
• Do not accept any Bluetooth connection requests other than when you initiate.
• Update the firmware for your earbuds, headphones, speakers and other wireless devices regularly.
• Remove old and unused Bluetooth connections from the list of your paired Bluetooth devices on your device.
• Restart audio devices whenever you hear unusual sounds, behaviour, or connection-disconnection.