Hackers Can Obtain Your Phone Number via an iPhone Bluetooth Traffic Leak

Written by Novak Bozovic
Last updated September 23, 2021

So far, this has been a problematic week for iOS users in terms of security. We learned about serious iMessage vulnerabilities that allow hackers to gain control of your device, and we learned about security flaws in Apple’s AWDL protocol. As it turns out, this isn’t where the problems for Apple’s AWDL end. A new report indicates that malicious actors can use your iPhone’s Bluetooth connection to collect private information, including your phone number.

According to security researchers at Hexway, the ability of your iPhone to talk to other devices can be used in a malicious way. As you already know, one of the best things about Apple’s devices is their ecosystem of services, which is probably one of their biggest selling points. If you own both an iOS device and a macOS device, you can start your work on one and continue on the other. This feature relies on two technologies: Wi-Fi and Bluetooth. More precisely, your iPhone continuously sends large data packets using Bluetooth LE (Low Energy), and those Bluetooth LE packets reveal your phone status, Wi-Fi status, buffer availability, OS version, and more.

In this particular case, Apple’s AirDrop feature can be used to retrieve your phone number. That’s because once you initiate an AirDrop file transfer, your phone also sends out a SHA256 hash of your phone number. Here’s a detailed explanation of this vulnerability.

The Hexway researchers have showcased the entire process in a YouTube video, and it can be run by just about anyone (not just hackers).

It’s important to note that the ‘AirDrop method’ isn’t the only way to take advantage of your iPhone’s Bluetooth traffic leak. The same can be done if someone is sharing Wi-Fi passwords. This method can reveal even more details, as its SHA256 hashes reveal your phone number, Apple ID, and your email address. Even though attackers could obtain only the first 3 bytes of the hashes, this is enough to reconstruct your phone number.
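Why a 3-byte hash prefix does not hide a phone number, as an added example (not code from the article or from Hexway): it measures how many numbers in a constrained range share one 24-bit SHA256 prefix. The string encoding that is hashed, the known `+155555` prefix, the function names and `SAMPLE_NUMBER` are all assumptions constructed for illustration.

```python
import hashlib

PREFIX_BYTES = 3  # the article says only the first 3 bytes of each hash are exposed


def truncated_hash(number: str) -> bytes:
    """First PREFIX_BYTES bytes of SHA-256 over the number string.

    Assumption: the article does not give the exact encoding that is hashed;
    a '+'-prefixed digit string is used here for illustration only.
    """
    return hashlib.sha256(number.encode("ascii")).digest()[:PREFIX_BYTES]


def expected_false_matches(keyspace: int) -> float:
    """Average count of OTHER numbers in the keyspace sharing a given 24-bit prefix."""
    return (keyspace - 1) / 2 ** (8 * PREFIX_BYTES)


def anonymity_set(prefix: bytes, known_part: str, unknown_digits: int) -> list[str]:
    """Every number of the form known_part + N digits whose hash prefix matches."""
    matches = []
    for i in range(10 ** unknown_digits):
        candidate = f"{known_part}{i:0{unknown_digits}d}"
        if truncated_hash(candidate) == prefix:
            matches.append(candidate)
    return matches


# Constructed sample value, not a real subscriber number.
SAMPLE_NUMBER = "+15555550123"

if __name__ == "__main__":
    observed = truncated_hash(SAMPLE_NUMBER)
    # Leading digits treated as known; 5 digits unknown (kept small so it runs fast).
    crowd = anonymity_set(observed, "+155555", 5)
    print("numbers sharing the observed prefix:", crowd)
    # The smaller the plausible number range, the smaller the crowd to hide in.
    for digits in (5, 7, 10):
        extra = expected_false_matches(10 ** digits)
        print(f"{digits} unknown digits -> {extra:.3f} other numbers expected per prefix")
```

With a regional prefix known, the truncated hash usually corresponds to a single number or a handful, which is why hashing a low-entropy identifier gives little privacy even when only part of the hash is broadcast.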

You’ve probably heard about cyber-flashing and free Wi-Fi networks tracking your location (like those in coffee shops and stores). Well, now you have another reason to disable the AirDrop feature and to only use it when absolutely needed. In addition, we’ll add that the vulnerabilities of your iPhone Bluetooth traffic can be stopped only if you disable Bluetooth on your device. Hexway says that they’ve detected this Bluetooth leak in the iOS versions starting from 10.3.1. Also, older devices (all iPhone models before the iPhone 6S) don’t pose a security risk as they’re not sending Bluetooth LE packets continuously.
