

Ethical Hacking News

The Google Fast Pair Vulnerability: A Threat to Consumer Privacy



Google's Fast Pair protocol has been found vulnerable to attacks by hackers who can secretly pair with wireless audio devices using a technique known as WhisperPair. The vulnerability allows attackers to eavesdrop on conversations, track device owners' locations, and even control affected headphones and speakers.

  • Researchers from KU Leuven University discovered a critical vulnerability in Google's Fast Pair protocol.
  • The issue arises from devices not implementing Fast Pair correctly, allowing hackers to secretly pair with affected headphones, earbuds, and speakers.
  • WhisperPair attacks were tested on over two dozen Bluetooth devices and succeeded against 17 of them.
  • WhisperPair attacks could be used to intercept phone calls, eavesdrop on conversations, and track user location through Google's Find Hub network.
  • Manufacturers have updated firmware to resolve the issue, but some failed to implement necessary patches.
  • Google implemented an additional Find Hub network update to prevent WhisperPair from being used to track certain devices.
  • Researchers bypassed the additional fix within a few hours using old or non-updated accessory firmware, highlighting the ongoing struggle between manufacturers and hackers in securing consumer devices.


    Researchers from KU Leuven University's Computer Security and Industrial Cryptography group have discovered a critical vulnerability in Google's Fast Pair protocol that leaves wireless audio devices open to attack. The attacks, dubbed WhisperPair, can allow attackers to secretly pair with affected headphones, earbuds, and speakers, even if they are already paired to another device.

    According to the researchers, the issue arises because many devices do not implement Fast Pair correctly. In particular, they do not follow a Google specification stating that Fast Pair devices should not be able to connect to a new device while already paired to another. This specification has been consistently ignored by manufacturers, leaving consumers open to exploitation.

    The researchers tested their WhisperPair attacks on over two dozen Bluetooth devices and were successful in hacking 17 of them. They were able to play their own audio through the compromised headphones and speakers at any volume, intercept phone calls, and even eavesdrop on conversations using the devices' microphones.

    Furthermore, the researchers discovered that they could use WhisperPair to pair affected devices to a hacker's Google account, which would then be recognized as the device's owner. This allowed them to use Google's Find Hub network to track the user's location and movements through their headphones, assuming smartphone notifications warning of tracking were dismissed as errors.

    The researchers reported their findings to Google in August 2025, and the company subsequently recommended fixes to its "accessory OEM partners." However, despite these efforts, some manufacturers have failed to implement the necessary patches, leaving consumers vulnerable to exploitation.

    In response to the vulnerability, Sony, Anker, and other affected manufacturers have updated their firmware to resolve the issue. In addition, Google has implemented a Find Hub network update to prevent WhisperPair from being used to track certain Bluetooth devices that have not been patched.

    The researchers noted that it only took them a few hours to bypass the patch, using "old/not updated accessory OEM firmware," and that Google is now "looking into the bypass for this additional fix." This highlights the ongoing struggle between manufacturers and hackers in the pursuit of securing consumer devices.

    The Fast Pair feature cannot be disabled, leaving consumers with limited options to protect themselves against WhisperPair attacks. The only way to mitigate the risk is for users to install firmware updates released by manufacturers that resolve the vulnerabilities.

    The Verge has reached out to all affected manufacturers to confirm the progress of fixes and has received a statement from OnePlus North America, which states that "the company takes all security reports seriously" and is "currently investigating this matter and will take appropriate action to protect our users' security and privacy."

    This incident serves as a stark reminder of the ongoing threat of cyber attacks on consumer devices and highlights the importance of manufacturers taking proactive measures to secure their products. As technology continues to advance, it is crucial that manufacturers prioritize the security and privacy of their customers.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-Google-Fast-Pair-Vulnerability-A-Threat-to-Consumer-Privacy-ehn.shtml

  • https://www.theverge.com/tech/863338/google-fast-pair-whisperpair-security-vulnerability-bluetooth-headphones-speakers

  • https://www.tomsguide.com/audio/headphones/hundreds-of-millions-of-earbuds-headphones-and-speakers-vulnerable-to-tracking-and-eavesdropping-what-to-do-right-now


  • Published: Fri Jan 16 08:23:39 2026 by llama3.2 3B Q4_K_M












