logo
Spy Attack Alert For Headphone Users — Is Yours On The At Risk List?

Spy Attack Alert For Headphone Users — Is Yours On The At Risk List?

Forbes30-06-2025
Bluetooth vulnerability puts headphone users at risk.
Hackers are, by their very nature, ingenious and inventive. It comes as part of the job description, and so this latest revelation should come as no surprise. After all, we've already seen hackers using printers, lightbulbs, vacuum cleaners and smartwatches in attack scenarios. Not to mention automatic password hacking machines and, of course, critical vulnerability exposure. And it's the latter, a vulnerability, that brings us nicely to the threat at hand. Researchers have found that more than two dozen earbuds, headphones, speakers and wireless mics from big-name brands are vulnerable to an attack that could see a skilled hacker successfully spying on the user, and even exfiltrating data from some smartphones. Here's what you need to know.
Listen Carefully — This Spy Threat Comes Via Your Audio Tech
There's something particularly insidious about a security threat that can exploit the technology we use to escape from the hubbub, to unwind, listen to music and podcasts, and spy on us. What's more, according to Dennis Heinze, a security analyst and researcher at ERNW, 'any vulnerable device can be compromised if the attacker is in Bluetooth range. That is the only precondition.' Now that, dear reader, is somewhat concerning.
A recently published security alert by security researchers at ERNW has identified several Bluetooth security vulnerabilities affecting audio devices, including those from well-known earphone and headphone brands that utilize Airoha Systems on a Chip.
Airoha is 'a large supplier in the Bluetooth audio space, especially in the area of True Wireless Stereo (TWS) earbuds,' Heinze said. While stating that ERNW does not want to disclose proof of concept code or too many technical details at this point, Heinze added that he wanted 'inform about these vulnerabilities, especially their impact and the difficulties around patching them.'
What ERNW and Heinze have said, however, is that, in most cases, 'these vulnerabilities allow attackers to fully take over the headphones via Bluetooth.' There is absolutely no authentication or pairing involved, as long as the hacker is within Bluetooth range, your headphones could be vulnerable. The researcher said that attackers could read and write to device RAM and flash memory, and could 'hijack established trust relationships with other devices, such as the phone paired to the headphones.'
CVE-2025-20700 (missing authentication for the Generic Attribute Profile service) and CVE-2025-20701 (missing authentication for Bluetooth Basic Rate/Enhanced Data Rate) are both high-risk vulnerabilities with a severity rating of 8.8/10. However, CVE-2025-20702, which Heinze described as presenting 'critical capabilities of a custom protocol,' has been given a critical rating, under the Common Vulnerability Scoring System, of 9.6/10.
The Threat From These Audio Spy Attacks Explained
Like many such reports, although the headline threat is indeed rather worrying, the real-world impact is likely to be significantly less, in my never humble opinion. 'One attack we implemented was reading out the currently playing media from the headphones via the RAM reading commands,' Heinze said. More worryingly, Heinze reported that exploiting the broken BR/EDR pairing was able to allow an attacker to listen to what the device microphone was recording. Again, in the real-world this wouldn't be very secret squirrel as the exploit would cause whatever the victim was listening to be dropped. 'For it to go unnoticed,' Heinze confirmed, 'headphones have to be turned on, but not in active use.'
And then we come to the smartphone issue. This exploits the trust between a Bluetooth device and the phone it has paired with. 'If an attacker can impersonate the headphones they could hijack this trust relationship in numerous ways,' Heinze said, including issuing commands to the smartphone in question. ERNW was able to demonstrate an exploit, using a full attack chain, that allowed for the calling of an arbitrary number from the smartphone. 'Under the right conditions,' Heinze warned, 'the established call allowed us to successfully eavesdrop on conversations or sounds within earshot of the phone.' It also allows for the extraction of call history and stored contacts data, Heinze said.
Most people do not need to panic, with journalists, diplomats, political dissidents, people in sensitive industries and VIPs under surveillance being named as the most likely targets of any attacks. The kind of people who should know not to use Bluetooth headphones. Everyone, Heinze said, should patch their firmware as soon as one becomes available. In the meantime, at-risk users might want to wait for a patch until they use their headphones again. 'Please ensure that you also remove the pairing between the headphones and your mobile phone,' Heinze added.
'Ensuring complete trust in software and the technologies it supports is incredibly challenging,' Boris Cipot, a senior security engineer at Black Duck, said. With every new advancement comes the risk of unknown vulnerabilities, of course, flaws that may only be uncovered later by dedicated security researchers, Cipot warned.
'What matters most now is delivering timely updates and patches so users can operate their devices without worrying about being compromised,' Cipot said; 'Vendors using Airoha TWS technology must ensure customers receive these critical updates seamlessly via an automated upgrade process. Relying on users to manually update their devices simply isn't effective.'
The Spy Attack Headphones At Risk List
Heinze has said that Airoha has fixed the vulnerabilities in the software development kit and supplied a new version to device manufacturers in the first week of June. The manufacturers now have to build and distribute firmware updates, so expect to see these soon if they have not dropped already.
I have approached Airoha for a statement
'We can confirm that the issues are prevalent in many entry-level and flagship models,' Heinze said, adding that ERNW confirmed Beyerdynamic, Marshall and Sony as impacted vendors. 'We know of many more devices using the chips that we assume to be vulnerable, too,' Heinze concluded.
The following devices were listed as being vulnerable by the ERNW researchers:
A Jabra spokesperson provided the following statement:
'At Jabra we are aware of the recently discovered Bluetooth vulnerability for Airoha chipset devices, which include the Jabra Elte 8 and Elite 10 earbuds. We have taken steps immediately to work on a firmware update to include the Airoha security patch and this will be rolled out very shortly. Jabra continues to support the Elite 8 and 10 earbuds despite having stopped the production of the Elite product line last year. We want to emphasize that no other Jabra audio devices or headsets within our portfolio are affected by this vulnerability.'
I have contacted all the vendors listed above for a statement regarding the spy exploit research and will update this article when I have further information.
Orange background

Try Our AI Features

Explore what Daily8 AI can do for you:

Comments

No comments yet...

Related Articles

Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed
Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed

Associated Press

time6 minutes ago

  • Associated Press

Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed

Tea, an app designed to let women safely discuss men they date has been breached, with thousands of selfies and photo IDs of users exposed, the company confirmed on Friday. Tea said that about 72,000 images were leaked online, including 13,000 images of selfies or selfies featuring a photo identification that users submitted during account verification. Another 59,000 images publicly viewable in the app from posts, comments and direct messages were also accessed without authorization, according to a Tea spokesperson. No email addresses or phone numbers were accessed, the company said, and the breach only affects users who signed up before February 2024. 'Tea has engaged third-party cybersecurity experts and are working around the clock to secure its systems,' the company said. 'At this time, there is no evidence to suggest that additional user data was affected. Protecting tea users' privacy and data is their highest priority.' Tea presents itself as a safe way for women to anonymously vet men they might connect with on dating apps such as Tinder or Bumble — ensuring that your date is 'safe, not a catfish, and not in a relationship.' 'Tea is a must-have app, helping women avoid red flags before the first date with dating advice, and showing them who's really behind the profile of the person they're dating,' reads Tea's app store description. 404 Media, which earlier reported the breach, said it was 4Chan users who discovered an exposed database that 'allowed anyone to access the material' from Tea. 'While reporting this story, a URL the 4chan user posted included a voluminous list of specific attachments associated with the Tea app. 404 Media saw this list of files. In the last hour or so, that page was locked down, and now returns a 'Permission denied' error,' 404 Media reported Friday. Tea said in an Instagram post this week that it has reached 4 million users.

Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed
Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed

Yahoo

time10 minutes ago

  • Yahoo

Tea, an app for women to safely talk about men they date, has been breached, user IDs exposed

Tea, an app designed to let women safely discuss men they date has been breached, with thousands of selfies and photo IDs of users exposed, the company confirmed on Friday. Tea said that about 72,000 images were leaked online, including 13,000 images of selfies or selfies featuring a photo identification that users submitted during account verification. Another 59,000 images publicly viewable in the app from posts, comments and direct messages were also accessed without authorization, according to a Tea spokesperson. No email addresses or phone numbers were accessed, the company said, and the breach only affects users who signed up before February 2024. 'Tea has engaged third-party cybersecurity experts and are working around the clock to secure its systems,' the company said. 'At this time, there is no evidence to suggest that additional user data was affected. Protecting tea users' privacy and data is their highest priority.' Tea presents itself as a safe way for women to anonymously vet men they might connect with on dating apps such as Tinder or Bumble — ensuring that your date is 'safe, not a catfish, and not in a relationship.' 'Tea is a must-have app, helping women avoid red flags before the first date with dating advice, and showing them who's really behind the profile of the person they're dating,' reads Tea's app store description. 404 Media, which earlier reported the breach, said it was 4Chan users who discovered an exposed database that 'allowed anyone to access the material" from Tea. 'While reporting this story, a URL the 4chan user posted included a voluminous list of specific attachments associated with the Tea app. 404 Media saw this list of files. In the last hour or so, that page was locked down, and now returns a 'Permission denied' error,' 404 Media reported Friday. Tea said in an Instagram post this week that it has reached 4 million users. Solve the daily Crossword

Down 18%, Should You Buy the Dip on ASML Holding?
Down 18%, Should You Buy the Dip on ASML Holding?

Yahoo

timean hour ago

  • Yahoo

Down 18%, Should You Buy the Dip on ASML Holding?

Key Points ASML stock fell following the release of its latest quarterly report thanks to a cloudy 2026 outlook. However, the slide in the company's stock price in the past year seems like a buying opportunity. ASML trades at an attractive valuation, and the company should still be able to deliver healthy growth. 10 stocks we like better than ASML › ASML Holding (NASDAQ: ASML) is one of the most important semiconductor companies in the world, as its machines allow chipmakers and foundries to manufacture chips that power multiple applications ranging from data centers to smartphones to computers to cars, among other things. However, the stock's performance has been quite disappointing in the past year. ASML stock has lost 18% of its value during this period. The company's latest results for the second quarter of 2025 added to investors' misery. ASML stock fell more than 8% following release of the company's Q2 report on July 16. Let's see why that was the case and find out if this semiconductor stock's poor performance in the past year is an opportunity for savvy investors to buy a potential long-term winner. ASML's cloudy 2026 guidance is weighing on the stock ASML's latest quarterly numbers ticked all the right boxes. The company reported a 24% increase in revenue from the year-ago period, while its earnings shot up by 47%. Its numbers were well ahead of consensus expectations. The Dutch company received new orders worth 5.5 billion euros during the quarter, well ahead of the Wall Street estimate of 4.8 billion euros. However, ASML's Q3 guidance of 7.4 billion euros to 7.9 billion euros in revenue was lower than analysts' expectations of 8.2 billion euros. Investors were also alarmed by the company's 2026 outlook. Though it is expecting a 15% increase in revenue this year, CEO Christophe Fouquet remarked that while the company is preparing "for growth in 2026, we cannot confirm it at this stage." ASML's 2026 outlook is clouded by the "increasing uncertainty driven by macro-economic and geopolitical developments" even though it is witnessing strong demand from artificial intelligence (AI) customers. So, while ASML's bookings increased by 40% on a quarter-over-quarter basis, the company's conservative guidance indicates that it is wary of the ongoing tariff-related turmoil and export controls that have the potential to hamper semiconductor sales. As such, there is a good chance that ASML stock could continue to remain under pressure in the near term on account of the negative sentiment created by its cautious outlook. However, if the stock continues to dip further, it may be a good idea to buy it from a long-term perspective. The company is confident of achieving its long-term targets Though ASML has warned about the potential impact of tariffs and other geopolitical developments on its growth next year, the company believes that the semiconductor market will keep growing in the long run, thanks to catalysts such as AI. That's the reason why ASML has reiterated its 2030 revenue forecast of 44 billion euros to 60 billion euros, the midpoint of which points toward a 60% increase in its top line from this year's projected revenue of 32.5 billion euros. ASML also expects its gross margin to land between 56% and 60% by the end of the decade. Again, that would be a nice bump over its 2025 gross margin forecast of 52% at the midpoint. The long-term guidance seems achievable considering the global investments being made in AI infrastructure, which is encouraging semiconductor manufacturers to increase their capital expenses on equipment. McKinsey is forecasting that a whopping $6.7 trillion will be spent on data centers across the globe by 2030 to support both AI and non-AI workloads. The firm adds that 60% of the spending will go toward manufacturing chips and other computing hardware. Not surprisingly, McKinsey is expecting a $1 trillion investment in new semiconductor plants through the end of the decade. ASML's 90% share of the global lithography equipment market puts it in a solid position to capitalize on this massive spending on semiconductor plants over the next five years. As a result, there is a good chance that ASML will be able to regain its mojo in the long run and deliver solid gains to investors. That's why buying ASML stock while it is under pressure could turn out to be a smart move. It is trading at 26 times earnings right now, which is a discount to the average earnings multiple of 51 for the U.S. technology sector. The company's growth has been solid of late, as its latest quarterly results tell us, and the prospects of the semiconductor equipment market could help it sustain that momentum in the long run as well. Considering the potential margin gains that ASML is anticipating over the next five years, the company seems set to deliver robust bottom-line growth. In all, savvy investors can consider accumulating this semiconductor stock while it is under pressure as it could eventually turn out to be a winner going forward. Should you invest $1,000 in ASML right now? Before you buy stock in ASML, consider this: The Motley Fool Stock Advisor analyst team just identified what they believe are the for investors to buy now… and ASML wasn't one of them. The 10 stocks that made the cut could produce monster returns in the coming years. Consider when Netflix made this list on December 17, 2004... if you invested $1,000 at the time of our recommendation, you'd have $634,627!* Or when Nvidia made this list on April 15, 2005... if you invested $1,000 at the time of our recommendation, you'd have $1,046,799!* Now, it's worth noting Stock Advisor's total average return is 1,037% — a market-crushing outperformance compared to 182% for the S&P 500. Don't miss out on the latest top 10 list, available when you join Stock Advisor. See the 10 stocks » *Stock Advisor returns as of July 21, 2025 Harsh Chauhan has no position in any of the stocks mentioned. The Motley Fool has positions in and recommends ASML. The Motley Fool has a disclosure policy. Down 18%, Should You Buy the Dip on ASML Holding? was originally published by The Motley Fool Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store