Presented at
DEF CON 33 (2025),
Aug. 8, 2025, 10 a.m.
(45 minutes).
AirBleed is a proof-of-concept hack demonstrating a hidden communication technique leveraging a little-known vulnerability in macOS's Bluetooth property list files (Bluetooth.plist). By fragmenting payloads into tiny pieces and injecting them into device caches that go unnoticed by standard security tools, this capability enables operatives to establish dead-drop channels for passing critical data — all without arousing suspicion. [1] Stealth-by-Design: Uses legitimate Bluetooth device caches to hide encrypted payloads up to 248 bytes per fragment. [2] Dual-Use Impact: Enables clandestine communication or counter-plotter operations by law enforcement and intel. [3] Live Demo: DEFCON demo will allow attendees to send their own Bluetooth plist payloads to a vulnerable MacBook Pro. [4] Implications: Offers a novel toolkit for counterintelligence to monitor — and disrupt — hidden networks and dead drops.
Presenters:
-
Yvonne "Von Marie" Cervantes
Yvonne is a YouTube craft content creator and handmade crafter featured in craft magazines for her work on unique art pieces. She currently designs for four design company teams and also creates comic books with Ray. She is currently researching facial behavioral analysis through designing research ideas and strategies for improving the legal and trial consulting fields.
-
Ray "CURZE$" Cervantes
Ray is an offensive security engineer and counterintelligence innovator with a background in forensic psychology, turning aggressive tradecraft into powerful defense tools. He is currently researching facial behavioral analysis and creating AI-driven solutions for the legal and trial consulting fields. ChatGPT, Copilot, and Claude all predict that his work will land him in handcuffs within 5–10 years — a risk Ray embraces as proof he’s pushing the boundaries of security and innovation.
Similar Presentations: