Google Fast Pair Flaw Exposes Sony, Anker Headphones

Summary
– A new flaw called WhisperPair in Google’s Fast Pair protocol allows attackers within Bluetooth range to secretly pair with and hack many headphones, earbuds, and speakers.
– Successful attacks on 17 tested devices enabled hackers to play audio, intercept calls, and eavesdrop using the devices’ microphones.
– A more severe tracking vulnerability in some Sony products and Pixel Buds Pro 2 could let hackers link devices to their Google account and track the user’s location via Google’s Find Hub network.
– Google has recommended fixes to manufacturers and updated its certification requirements, but a patch to prevent tracking on unpatched devices was quickly bypassed by researchers.
– The only protection for users is to install firmware updates from manufacturers, as the Fast Pair feature itself cannot be disabled.
A newly discovered security flaw in Google’s Fast Pair protocol has exposed a range of popular Bluetooth audio devices to potential eavesdropping and unauthorized tracking. Researchers from a Belgian university identified vulnerabilities that allow attackers within Bluetooth range to secretly pair with headphones and earbuds from brands like Sony, Anker, and Nothing. This exploit, named WhisperPair, can compromise devices even when used with iPhones, despite Fast Pair being a Google-specific feature designed to simplify connections for Android and Chrome OS users.
The core of the problem lies in incorrect implementations of the protocol by device manufacturers. The Fast Pair specification states that a device should not accept a new pairing while it is already paired to another host. However, many of the products tested did not enforce this rule. The research team successfully hacked 17 of the more than two dozen devices they tested, demonstrating that they could play audio at any volume, intercept phone calls, and listen in on conversations using the built-in microphones.
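The rule the article describes, that an already-paired accessory must refuse further pairing requests, is easiest to see as a small state machine. The following is an added, simplified model written for this page; it is not Google's Fast Pair implementation or any vendor's firmware, and the message names, fields and host identifiers are constructed assumptions. The same accessory class is run twice: once without the check (the behaviour the researchers found on affected devices) and once with it (the behaviour the specification requires).

```python
"""Simplified model of the single-pairing rule from the Fast Pair specification.

This is an illustrative state machine, not the real protocol: request fields,
host names and log messages are assumptions constructed for the example.
"""
from dataclasses import dataclass, field
from enum import Enum, auto
from typing import Optional


class State(Enum):
    IDLE = auto()    # powered on, no host connected
    PAIRED = auto()  # connected to a host (phone, laptop, ...)


@dataclass
class PairingRequest:
    requester: str        # constructed identifier of the host asking to pair
    in_range: bool = True  # Bluetooth proximity, modelled as a flag


@dataclass
class Accessory:
    name: str
    enforce_single_pairing: bool  # True = behaviour the specification requires
    state: State = State.IDLE
    host: Optional[str] = None
    log: list = field(default_factory=list)

    def handle_pairing(self, req: PairingRequest) -> bool:
        """Return True if the request is accepted and the accessory is now paired to it."""
        if not req.in_range:
            self.log.append(f"{req.requester}: ignored, out of range")
            return False
        if self.state is State.PAIRED and self.enforce_single_pairing:
            # Hardened behaviour: already paired, so a second host is refused.
            self.log.append(f"{req.requester}: rejected, already paired to {self.host}")
            return False
        # Accessories that skip the check fall through here even while paired,
        # letting a second nearby host silently replace the legitimate one.
        if self.state is State.PAIRED:
            self.log.append(
                f"{req.requester}: accepted while paired to {self.host} (spec violation)"
            )
        else:
            self.log.append(f"{req.requester}: accepted")
        self.state = State.PAIRED
        self.host = req.requester
        return True

    def disconnect(self) -> None:
        """Legitimate unpair: only after this should a new host be accepted."""
        self.state = State.IDLE
        self.host = None


def scenario(enforce: bool) -> tuple[Optional[str], list]:
    """Owner pairs first, then a second nearby host tries to pair.

    Returns (host the accessory ends up paired to, event log).
    """
    buds = Accessory("earbuds", enforce_single_pairing=enforce)
    buds.handle_pairing(PairingRequest("owner-phone"))
    buds.handle_pairing(PairingRequest("second-host"))
    return buds.host, buds.log


if __name__ == "__main__":
    for enforce in (False, True):
        host, events = scenario(enforce)
        print(f"enforce_single_pairing={enforce}: final host = {host}")
        for event in events:
            print("   ", event)
```

Without the check the second host ends up as the paired host; with it the owner's phone stays paired and the second request is logged as rejected. A firmware update that adds the equivalent of this check is what the article's advice to install manufacturer updates amounts to.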
A more severe tracking vulnerability was confirmed in five Sony products and Google’s own Pixel Buds Pro 2. If these devices had never been linked to a Google account, a common scenario for iPhone users, an attacker could pair them and register them to their own account. This would grant them access to Google’s Find Hub network, enabling them to monitor the location and movements of the headphone user. Smartphone notifications warning of tracking could potentially be dismissed as simple errors by an unsuspecting victim.
Google was notified of these findings in August 2025. The company subsequently provided recommended fixes to its hardware partners and updated its certification requirements to prevent similar issues. A Google spokesperson stated they worked with the researchers and have seen no evidence of real-world exploitation. While software updates from manufacturers are the definitive solution, Google also deployed a network-side update to the Find Hub system to protect unpatched devices. The researchers, however, reported bypassing this additional protection within hours using outdated firmware, a workaround Google says it is now investigating.
Since the Fast Pair feature itself cannot be disabled, the only reliable protection for users is to install any available firmware updates released by their device’s manufacturer. Companies are in the process of addressing the vulnerabilities, with OnePlus confirming it is investigating the report and will take action to safeguard user privacy. Consumers are advised to check for updates from Sony, Anker, Nothing, and other affected brands to ensure their Bluetooth accessories are secure.
(Source: The Verge)
