Billions Of Devices At Risk From Bluetooth Flaws — Blueborne Attacks

BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices

BlueBorne, as the researchers have dubbed their attack, is notable for its unusual reach and effectiveness. To launch an attack, malware can connect to a target device and remotely execute code on the phone, tablet, computer, or smart device, which lets the malware spread further to other devices.

Bluetooth security risks are not a new thing, though most past attacks have involved misconfiguration or the lack of PIN authentication to secure a Bluetooth connection.

It's also, according to Armis, a Palo Alto, California-based IoT security firm, too complicated. "BlueBorne abuses the fact that when Bluetooth is on, all of these devices are always listening for connections". Microsoft patched the vulnerability in the July update, but not all users patch their machines as soon as an update is available. A Microsoft representative said Windows Phone was never vulnerable.

The good news is that patches have either been issued or are on their way for major operating systems, with Google Inc. and Microsoft Corp. has already issued updates that fix the vulnerabilities with The Linux Foundation to release a patch to the Linux kernel shortly. Others are preparing patches that are in various stages of being released.

Every Windows computer since Windows Vista is potentially vulnerable to the "Bluetooth Pineapple" flaw, which can be used to conduct a man-in-the-middle attack.

"The vulnerabilities described above, and the related exploitation techniques are not very complex", said the researchers in the technical paper.

There are two specific methods attackers could use with exploit code. BlueBorne also massages Android memory in a way that further lessens the protection offered by ASLR.

Blueborne poses a significant risk to both individuals and organizations. It could also change data in transit.

BlueBorne-Android Take Over Demo. The researchers consider three of the flaws to be critical.

The researchers say they reported the vulnerabilities to Apple, Google, and Microsoft in April and to Linux in August. All parties agreed to keep the findings confidential until today's coordinated disclosure. ZDNet's own testing, using Armis' app to check local and nearby Android devices for the vulnerabilities, shows several BlackBerry phones are at risk, as well as other Android devices.

While these fixes cover most users, those operating on older devices or out-of-date operating systems-a number that still tallies in the millions worldwide-will remain vulnerable with little recourse to prevent against the attack.

A list of affected devices can be found on Armis' website. While the underlying vulnerability exists in some form across most Android and Linux devices, the specific exploit varies from system to system, making it hard to write a single virus that would be able to target every vulnerable device. His hope is that now, with BlueBorne, there will more Bluetooth security scrutiny. For example, a delivery person dropping a package at a bank could carry weaponized code on a BlueTooth-enabled device. Such self-replicating exploits could quickly take over huge numbers of devices at conferences, sporting events, or in work places.

✯ Disable Bluetooth unless you need to use it, but then turn it off immediately.

Anxious your device might be vulnerable?

Izrael confirmed that BlueBorne exploits would have to be customized for each platform but said the amount of work required to do so would be manageable.

Google's Android, however, is spread across so much hardware that the onus to update falls on third-party manufacturers, who might not patch out the vulnerability in time.

More information on the attack can be found below.

Related:

Comments


Other news