Notebookcheck Logo

Researcher reveals that some at-home COVID-19 tests could be hacked using Bluetooth

F-Secure found that Ellume at-home COVID-19 tests were hackable via Bluetooth, allowing you to falsify your test result. (Image source: Roman Wimmers on Unsplash)
F-Secure found that Ellume at-home COVID-19 tests were hackable via Bluetooth, allowing you to falsify your test result. (Image source: Roman Wimmers on Unsplash)
It has been discovered that you can hack some at-home COVID-19 lateral flow tests via Bluetooth. This flaw would allow you to modify your test result. However, the problem has now been resolved, ensuring that you cannot alter the outcome of your test.

A researcher has found that it is possible to hack one brand of at-home COVID-19 tests via Bluetooth. The flaw allowed the researcher, Ken Gannon, to modify his test result from negative to positive. Though he did not trial it, Gannon believes he could also have amended the result the other way. The weakness which allowed the hack has now been fixed.

The problem was found in an Ellume COVID-19 Home Test. The Ellume test allows you to test yourself for COVID-19 antigens at home, with the result shared via Bluetooth to an app installed on your phone. After 15 minutes, the results are shared with the user on the app and can then be passed to the relevant health authorities. Ellume at-home tests are CDC approved for re-entry to the US after international travel.

Gannon, who works for F-Secure, purposefully searched for faults in the Ellume test. He realized that the Bluetooth element of the test could be breached, allowing him to alter the test result and thus change the data reported to the authorities.

To analyze the Ellume test, Gannon used a custom board and a standard lateral flow test; the custom board was used to determine the test result, checking if two lines appeared. This device would then communicate with the app to log the outcome of the test. F-secure found that it could modify the “test status” in the two types of Bluetooth traffic between the lateral flow test and the app to fake the result.

On discovering the weakness, F-Secure reported its findings to Ellume. Ellume has since stated that it has updated its system to ensure that falsified results can be detected and prevented from being transmitted.

Buy the book The Cyber Effect on Amazon

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Mail Logo
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2021 12 > Researcher reveals that some at-home COVID-19 tests could be hacked using Bluetooth
Polly Allcock, 2021-12-22 (Update: 2021-12-22)