March 21 2018

Newly discovered Bluetooth vulnerability exposes billions of devices

March 21 2018, 12:46 | Geraldine Moore

"The BlueBorne attack vector requires no user interaction, is compatible to all software versions, and does not require any preconditions or configurations aside of the Bluetooth being active".

An airborne computer virus with the ability to infect billions of phones and other devices has been identified by internet security analysts.

Users of Android devices can determine if their device is vulnerable by downloading the BlueBorne Android App on the Google Play Store and using it to run a simple and quick check.

BlueBorne can lead to the creation of massive botnets.

"The BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 8.2 billion devices today", the post said.

The researchers have reported the flaws to the affected vendors, but acknowledged that many Android devices will not be patched.

If your device will not receive the patch, you can turn off Bluetooth to prevent attacks, Armis advised.

If you use Bluetooth on your smartphone, it is advisable to be vigilant: a critical flaw has been discovered, and, more importantly, its details were made public on the 12th of September 2017 by the security firm Armis. This becomes a problem in light of the bugs found in various parts of the Bluetooth stack: L2CAP, BlueZ, SDP, SMP, BNEP, PAN Profiles, and Apple's proprietary LEAP implementation.

Although you're not likely at risk from BlueBorne, it's a good idea to keep Bluetooth turned off on your device when you're not using it.

But Mr Miller said the spread of infection was still possible because people are often slack about updating their security software and operating systems.

The security firm also said that BlueBorne is based on vulnerabilities found in the various implementations, and it is concerned that other vulnerabilities may exist on other Bluetooth-connected platforms that it hasn't yet tested. The researchers have informed Microsoft, Google, Linux, and Apple about the new "BlueBorne" attack, and some of these companies have already rolled out patches for it. Windows machines also received a patch in July that protects them from the Bluetooth-based attacks. In this way, attackers can get all of a victim's Internet traffic over Bluetooth.

The security firm Armis is calling the fully operational vulnerabilities "BlueBorne" and warns that virtually any unpatched Android, Linux or Windows device could be compromised.

A nearly identical man-in-the-middle issue was found in the Android Bluetooth stack.

It's called BlueBorne, as it spreads through the air on Bluetooth connections, and it can be used to conduct remote code execution as well as Man-In-The-Middle attacks. "It doesn't require the user to make a mistake, or have a device in a discoverable mode". Google and Microsoft have released updates addressing the issue, while others are preparing fixes that are in various stages of being released. The manufacturers are the ones that need to release the patch to fix the issue, and most manufacturers have yet to release those patches to the impacted devices.
