Sony, Anker, and different headphones have a critical Google Fast Pair safety vulnerability

Several Bluetooth audio units from corporations like Sony, Anker, and Nothing are inclined to a brand new flaw that may permit attackers to pay attention to conversations or observe units that use Google’s Find Hub community, as reported by Wired.

Researchers from KU Leuven University’s Computer Security and Industrial Cryptography group in Belgium found a number of vulnerabilities in Google’s Fast Pair protocol that may permit a hacker inside Bluetooth vary to secretly pair with some headphones, earbuds, and audio system. The assaults, which the researchers have collectively dubbed WhisperPair, may even be used on iPhone customers with affected Bluetooth units regardless of Fast Pair being a Google-specific function.

Fast Pair streamlines Bluetooth pairing and lets wi-fi audio equipment connect with Android or Chrome OS units by merely tapping them collectively. But the researchers discovered that many units don’t implement Fast Pair accurately, together with a Google specification that claims Fast Pair units shouldn’t be capable to connect with a brand new system whereas already paired to a different.

The researchers examined their WhisperPair assaults on over two dozen Bluetooth units and had been profitable in hacking 17 of them. They had been in a position to play their very own audio by way of the compromised headphones and audio system at any quantity, intercept cellphone calls, and even snoop on conversations utilizing the units’ microphones.

A extra critical problem was discovered to have an effect on 5 Sony merchandise and Google’s Pixel Buds Pro 2. If the units weren’t beforehand linked to an Android system and linked to a Google account (which isn’t required when utilizing them with iPhones), WhisperPair may very well be used to pair and hyperlink them to a hacker’s Google account that might be acknowledged because the system’s proprietor. That would permit a hacker to make use of Google’s Find Hub community to trace the person’s location and actions by way of their headphones, assuming smartphone notifications warning {that a} system was monitoring them had been dismissed as errors.

The researchers reported their findings to Google in August 2025. The firm then advisable fixes to its “accessory OEM partners” in September and up to date its certification necessities to mitigate comparable points going ahead. “We worked with these researchers to fix these vulnerabilities, and we have not seen evidence of any exploitation outside of this report’s lab setting,” Google spokesperson Ed Fernandez says in a written assertion to The Verge.

The advisable fixes resolve all of the Fast Pair points as soon as a software program replace has been put in, however Google carried out an extra Find Hub community replace to stop WhisperPair from getting used to trace sure Bluetooth units that haven’t been patched. The researchers instructed Wired it solely took them a couple of hours to bypass that patch and proceed their monitoring. According to Fernandez, the researchers used “old/not updated accessory OEM firmware in order to execute their workaround,” and Google is “looking into the bypass for this additional fix,” which was solely submitted earlier this week.

The Fast Pair function can’t be disabled, so the one approach to shield towards WhisperPair assaults is for customers to put in firmware updates launched by producers that resolve the vulnerabilities. The Verge reached out to all of the producers with affected {hardware} to verify the progress of fixes. Spenser Blank, the pinnacle of promoting & communications for OnePlus North America, instructed The Verge in a written assertion that the corporate “takes all security reports seriously” and that it’s “currently investigating this matter and will take appropriate action to protect our users’ security and privacy.”

We will replace this story as different corporations reply.