David Schwartz, chief technology officer at enterprise blockchain company Ripple, has already commented on a recently discovered Bluetooth vulnerability affecting close to a billion devices. 

"Not good," the architect behind the XRP Ledger said in a recent social media post.

Earlier this week, Tarlogic, a Spanish company specializing in cybersecurity, revealed that it had discovered a backdoor in the widely used ESP32 microcontroller. 

HOT Stories Ripple CTO Reacts to Vulnerability Affecting Billion Devices Tim Draper on Stategic Bitcoin Reserve: 'Awesome. Make Sure You Have Some' Fed's Jerome Powell Drops Insight; Here's How Crypto Market Reacted 15,566,450 SHIB at One Go: What Happened?

The low-cost chip, which can be purchased for roughly $2, can be found in the "vast majority of Bluetooth IoT devices," according to Tarlogic. Some of the examples of such devices include smart watches, smart locks, LED controllers, fitness trackers, IoT-enabled speakers, security cameras and so on.

Related
Thu, 03/06/2025 - 13:17 Binance's CZ Issues Critical Security Call to Crypto Industry
Yuri Molchan

However, it turns out that the chip can be infected with malicious code due to the presence of hidden commands. Tarlogic discovered a total of 29 commands that had not been documented before. 

This undocumented backdoor could potentially allow bad actors to gain access to devices using the ESP32 chip even if they are offline. Their motives could range from stealing sensitive personal data to spying. 

That said, some commentators have questioned whether undocumented commands can actually qualify as a backdoor. 

Related
Fri, 01/31/2025 - 14:32 Cardano Post-Plomin Hardfork: Key Security Alert Issued
Tomiwabold Olajide

Espressif, the Chinese semiconductor company behind the chip, is yet to comment on the recent finding. Moreover, it appears like there is no easy solution to this problem that does not involve replacing all hardware. 

Last year, Schwartz also warned about a Windows vulnerability that made it possible for attackers to run arbitrary code within a Wi-Fi range.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。