BILLIONS of devices at risk from new vulnerability in Bluetooth software — BlueBorne

Angelica Greene
September 14, 2017

Originally discovered by security firm Armis, the BlueBorne vulnerabilities spread via over-the-air (OTA) attacks via Bluetooth. The devices include smartphones, computers, tablets, and infotainment systems.

Armis' full report is available at this link. Having it on all day everyday can exponentially risk a person's security and privacy, even if they have installed the necessary patch. In several trials, researchers were able to create botnets and install ransomware using Bluetooth.

"BlueBorne is another example of how simple it is for hackers to quickly scan for, and then exploit, open Bluetooth devices".

The attack is especially unsafe because it can spread without the victim doing anything or noticing it. The attack does not require any user interaction, authentication, or pairing, making it practically invisible.

Armis Labs first discovered BlueBorne back in April and have been warning tech companies ever since.

PAT supports PTI candidate in NA-120: Qadri
According to the PTI chief, the ECP was only toeing the line of the government, saying it was not impartial at all. Imran Khan's new counsel Babar Awan appeared in the hearing today.

Bruins sign David Pastrnak to 6-year, $40 million contract
As expected, and still without a deal reached between Bruins general manager Don Sweeney and National Hockey League agent J.P. Barry, star restricted free agent David Pastrnak will not be on the ice for the start of Bruins training camp on Thursday.

Jose still in the Atlantic: NOT an imminent USA threat
Hurricane force winds extend out 25 miles and tropical storm force winds go out 140 miles from the center of the storm. Jose was moving toward the west near 3 miles per hour with maximum sustained winds near 80 miles per hour .

"A self-replicating computer worm could, like a biological virus infecting humans, spread itself right across the globe like wildfire", he said.

"Unlike the common misconception, Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with". Bluetooth signals allow gadgets to connect and communicate wirelessly. The learning curve to scan for Bluetooth devices isn't that much greater than scanning for WIFI access points.

Armis Labs warns that any device that has Bluetooth is vulnerable and that the virus can be spread simply by passing within 32 feet of an infected device. "Unfortunately in these cases, many connected devices don't allow for patch management and become easy targets".

The larger problem lies with smartphone manufacturers whose devices run on Google's Android OS, as manufacturers are the ones responsible for releasing security patches and updates from Google to its users. But we all know that updates aren't exactly instant in the Android universe, especially compared to Apple's or Microsoft's updates. Apple confirmed that BlueBorne is not an issue for its mobile operating system, iOS 10, or later. Pixel devices have already received the updates. "Regardless of the security features on your device, the only way to completely prevent attackers from exploiting your device is to power off your device's Bluetooth function when you're not using it".

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER