Technology

BlueBorne attack threatens nearly every Bluetooth device

BlueBorne attack threatens nearly every Bluetooth deviceā€

Microsoft released a patch in June 2017 to provide immunity to its devices. "Moreover, Bluetooth offers a wider attacker surface than Wi-Fi, nearly entirely unexplored by the research community and hence contains far more vulnerabilities", Armsi Labs added. Dubbed BlueBorne, it affects almost all devices with Bluetooth capabilities, including smartphones, TVs, laptops, watches, smart TVs and some automobile audio systems. The flaws aren't in the Bluetooth standard itself, but in its implementation in all sorts of software.

Of note, Armis' research has found that Bluetooth just has to be open for an attack to be successful.

"Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with".

The security firm showed that a hacker can exploit one BlueBorne vulnerability to launch MitM attacks against Windows computers and redirect the victim's browsing session to a phishing website. All Android devices, besides those using Bluetooth Low Energy, are affected by BlueBorne - albeit in different ways.

Apple will not be pushing out an update, because the vulnerability affecting its Bluetooth implementation has already been mitigated in iOS 10 and users are encouraged to upgrade to it.

Microsoft released security updates to address this vulnerability on supported Windows versions in July and customers who installed those updates are protected against this attack. The most severe issues are the two remote code executions, which allow an attacker to completely own a device without the user even knowing.

There are several popular phones, which include the Samsung Galaxy devices and Google's Pixel are also found vulnerable, where the BlackBerry phones as well as many other Android devices have been found with the risk of vulnerability.

Due to the fact that BlueBorne uses Bluetooth, which is a less common attack vector, lots of security solutions may not detect the malicious activity. According to Armis' data, over 180 million Android devices are running on software that won't be updated with the latest security patch.

While the vulnerabilities vary by severity and platform, the worst affected are Android devices, and older iPhones and iPads.

Armis has uncovered eight associated zero-day vulnerabilities, four of which are classified as "critical". "Previously identified flaws found in Bluetooth were primarily at the protocol level".

"The vulnerability resides in the PAN profile of the Bluetooth stack, and enables the attacker to create a malicious network interface on the victim's device, re-configure IP routing and force the device to transmit all communication through the malicious network interface".

"We've run through scenarios where you can walk into a bank and it basically starts spreading around everything", Izrael said.

Google will issue patches for Android Nougat 7.0 and 6.0 as soon as possible.

The California-headquartered security firm recommended smartphone users to install patches and update their phones, as many Bluetooth vulnerabilities are active.

"The learning curve to scan for Bluetooth devices isn't that much greater than scanning for Wi-Fi access points".



Like this

Latest




Recommended