Researchers Discover Critical Vulnerability in Google Fast Pair Allowing Device Takeover and Surveillance

Researchers from the Computer Security and Industrial Cryptography group at KU Leuven have identified a critical vulnerability in the Google Fast Pair protocol, exploitable through the WhisperPair attack. This flaw enables attackers to take control of millions of Bluetooth devices, geolocate users, and intercept audio conversations. The article does not specify the discovery date or any deployed patches. The vulnerability affects mobile devices running Android and iOS that use Fast Pair. No additional technical details (such as a CVE identifier) are provided.