Tweet
Hello Fellow Hackers,
We are excited to present for our first time at DEF CON!! We look forward to meeting all the hackers and sharing our AirBleed project.
Presentation Abstract:
AirBleed is a proof-of-concept hack demonstrating a hidden communication technique leveraging a little-known vulnerability in macOS’s Bluetooth property list files (Bluetooth.plist). By fragmenting payloads into tiny pieces and injecting them into device caches that go unnoticed by standard security tools, this capability enables operatives to establish dead-drop channels for passing critical data — all without arousing suspicion.
Key Highlights:
• Stealth-by-Design: Uses legitimate Bluetooth device caches to hide encrypted payloads up to 248 bytes per fragment.
• Dual-Use Impact: Enables clandestine communication or counter-plotter operations by law enforcement and intel.
• Live Demo: DEFCON demo will allow attendees to send their own Bluetooth plist payloads to a vulnerable MacBook Pro.
• Implications: Offers a novel toolkit for counterintelligence to monitor — and disrupt — hidden networks and dead drops.
Why It Matters:
With surging interest in data-hiding and tradecraft techniques that bypass conventional detection, this research provides both a new capability for operatives and an urgent call for defenders to monitor overlooked attack surfaces.
Reach out to us with any questions, comments and collaboration ideas at nobloodyregrets@gmail.com
or reach out to my LinkedIn at www.linkedin.com/in/raycervantes
We are interested in using AirBleed in artworks and art installations, comic books, films and other projects so please reach out to us.
~ CURZE$ & Von Marie
We are excited to present for our first time at DEF CON!! We look forward to meeting all the hackers and sharing our AirBleed project.
Presentation Abstract:
AirBleed is a proof-of-concept hack demonstrating a hidden communication technique leveraging a little-known vulnerability in macOS’s Bluetooth property list files (Bluetooth.plist). By fragmenting payloads into tiny pieces and injecting them into device caches that go unnoticed by standard security tools, this capability enables operatives to establish dead-drop channels for passing critical data — all without arousing suspicion.
Key Highlights:
• Stealth-by-Design: Uses legitimate Bluetooth device caches to hide encrypted payloads up to 248 bytes per fragment.
• Dual-Use Impact: Enables clandestine communication or counter-plotter operations by law enforcement and intel.
• Live Demo: DEFCON demo will allow attendees to send their own Bluetooth plist payloads to a vulnerable MacBook Pro.
• Implications: Offers a novel toolkit for counterintelligence to monitor — and disrupt — hidden networks and dead drops.
Why It Matters:
With surging interest in data-hiding and tradecraft techniques that bypass conventional detection, this research provides both a new capability for operatives and an urgent call for defenders to monitor overlooked attack surfaces.
Reach out to us with any questions, comments and collaboration ideas at nobloodyregrets@gmail.com
or reach out to my LinkedIn at www.linkedin.com/in/raycervantes
We are interested in using AirBleed in artworks and art installations, comic books, films and other projects so please reach out to us.
~ CURZE$ & Von Marie