Bluetooth Bug in COVID-19 Test May Give False Results

Bluetooth Vulnerability Discovered in At-Home COVID-19 Test

A security flaw was recently identified in a widely used at-home COVID-19 test, potentially allowing for the manipulation of reported results.

Details of the Vulnerability

Ken Gannon, a researcher at F-Secure, discovered the vulnerability within the Ellume COVID-19 Home Test. This test is a self-administered antigen test that allows individuals to determine potential infection status without needing to visit a traditional testing facility.

The test utilizes a Bluetooth analyzer to process the sample and then transmits the outcome to both the user and relevant health authorities through the Ellume mobile application.

How the Hack Was Achieved

Gannon demonstrated that the integrated Bluetooth analyzer could be exploited to fabricate a verifiable result prior to processing by the Ellume app.

He employed a rooted Android device to intercept and analyze the data being sent from the test to the application. Two specific types of Bluetooth traffic were pinpointed as controlling the transmission of positive or negative results.

Subsequently, Gannon developed two scripts capable of altering a negative test result to appear as a positive one.

Proof of Concept and Result Verification

Following the successful manipulation, Gannon received a test result email from Ellume incorrectly indicating a positive diagnosis.

Further validating the exploit, F-Secure successfully obtained a certified copy of the falsified COVID-19 test results from Azova, a telehealth provider partnered with Ellume for certification purposes.

Bidirectional Manipulation and Potential Impact

While the initial demonstration focused on changing negative results to positive, Gannon confirmed the process is bidirectional.

Prior to the patch, individuals possessing the necessary technical expertise and motivation could potentially ensure consistently negative results, even when infected.

This raises concerns about the potential for submitting fraudulent certifications to fulfill U.S. re-entry requirements or workplace mandates.

Ellume’s Response and Mitigation

In response to F-Secure’s findings, Ellume has implemented updates to its system designed to detect and prevent the transmission of falsified results.

Future Verification Measures

Ellume plans to launch a verification portal.

• This portal will enable authorities – including health departments, employers, schools, and event organizers – to confirm the authenticity of Ellume COVID-19 Home Test results.

Alan Fox, Ellume’s head of Information Systems, expressed confidence in the reliability of the ECHT test and thanked F-Secure for identifying the issue and contributing to consumer protection.