explaingit

simondankelmann/bluetooth-le-spam

4,781KotlinAudience · researcherComplexity · 1/5Setup · easy

TLDR

An Android app that broadcasts fake Bluetooth Low Energy device advertisements, causing nearby iPhones and Windows PCs to display pairing popups for devices that do not exist, built as a security research proof of concept, no longer actively maintained.

Mindmap

mindmap
  root((bluetooth-le-spam))
    What it does
      Fake BLE ads
      Trigger popups
      Spam detection
    Targets imitated
      iOS devices
      Windows Swift Pair
      Samsung Easy Setup
    Use cases
      Security research
      Vulnerability demos
      Flipper detection
    Tech stack
      Kotlin
      Android BLE API
      F-Droid install
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Test how your own devices respond to spoofed BLE advertisements in a controlled research environment

USE CASE 2

Demonstrate Bluetooth proximity notification vulnerabilities for security awareness training

USE CASE 3

Detect nearby Flipper Zero devices or other BLE spam sources using the built-in spam detector feature

Tech stack

KotlinAndroidBluetooth LEF-Droid

Getting it running

Difficulty · easy Time to first run · 5min

Android 8.0+ required, iOS freeze bug has been patched in later iOS 17 versions, check local laws before broadcasting fake BLE signals in public.

No license information was provided in the explanation.

In plain English

This is an Android app that uses the phone's built-in Bluetooth radio to broadcast fake device advertisements. Bluetooth Low Energy (BLE) is a standard that devices use to announce their presence to nearby gadgets, which then respond by showing pairing prompts or notifications. This app generates those announcements without an actual device behind them, causing nearby phones and computers to display popups they would normally show when a real device is nearby. The app can imitate the advertisement formats used by Apple, Windows (via a feature called Swift Pair), and Samsung Easy Setup. When a phone running iOS or Windows receives one of these fake advertisements, it may display a popup asking the user to connect to or set up a device that does not actually exist. The app also includes a spam detector feature that can identify when nearby devices are sending similar fake advertisements, including those from a Flipper Zero, and notifies the user. The README is upfront that this project is no longer actively maintained and describes the content as a proof of concept for research and educational purposes. It notes that one feature, the ability to cause certain iPhone models running iOS 17 to temporarily freeze and restart, has been patched by Apple in later iOS versions. Users are reminded that they are responsible for following local laws when using the app, as broadcasting fake Bluetooth signals could be restricted or prohibited depending on the situation. The app is available to download from F-Droid, an open-source Android app store, or directly as an APK from the GitHub releases page. It requires Android 8.0 or later and only works on Android, not on iOS or PC. Building from source requires the Kotlin development tools and the project can be compiled in either a release or debug configuration.

Copy-paste prompts

Prompt 1
I am using bluetooth-le-spam for BLE security research. How do I configure it to broadcast a fake Apple AirPods advertisement and what popup will a nearby iOS device display?
Prompt 2
How does the spam detector feature in bluetooth-le-spam identify fake BLE advertisements from a Flipper Zero and what signals does it look for in the advertisement data?
Prompt 3
Walk me through how bluetooth-le-spam constructs the manufacturer-specific bytes for a fake Apple BLE advertisement in Kotlin, what values go in the payload?
Prompt 4
Which iOS and Windows versions are still vulnerable to the popups triggered by bluetooth-le-spam and which ones have been patched against it?
Open on GitHub → Explain another repo

← simondankelmann on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.