Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Billions of Devices Potentially Exposed to New Bluetooth Attack

Billions of Android, iOS, Windows and Linux devices that use Bluetooth may be exposed to a new attack that can be carried out remotely without any user interaction, researchers warned.

Billions of Android, iOS, Windows and Linux devices that use Bluetooth may be exposed to a new attack that can be carried out remotely without any user interaction, researchers warned.

Armis Labs, a company that specializes in protecting Internet of Things (IoT) devices, has discovered a total of eight Bluetooth implementation vulnerabilities that expose mobile, desktop and IoT systems to an attack it has dubbed “BlueBorne.”

According to the security firm, the attack only requires Bluetooth to be enabled on the targeted device – no pairing is needed between the victim and the attacker’s device, and the Bluetooth connection does not even have to be discoverable.BlueBorne Bluetooth attack

A hacker who is in range of the targeted device can exploit one of the several Bluetooth implementation vulnerabilities that can lead to remote code execution, information disclosure or man-in-the-middle (MitM) attacks. The attacker only needs to determine what type of operating system the target is using in order to deploy an exploit specific to that platform.

BlueBorne does not require the targeted user to click on a link or open a file, and the malicious activities can take place in the background, making it less likely for the victim to notice anything suspicious. And since the attack leverages Bluetooth, a less common attack vector, many security solutions may not detect the malicious activity, Armis said.

The flaws can be exploited by malicious actors to deliver ransomware and other types of malware. Armis claims the technique can also be used to create a worm that spreads from one device to another via Bluetooth.

Armis showed that an attacker can also exploit one BlueBorne vulnerability to launch MitM attacks against Windows machines and redirect the victim’s browsing session to a phishing website. Another video shows a hacker taking control of a Samsung smartwatch running a Linux-based Tizen operating system and eavesdropping on its owner.

Vulnerabilities that allow BlueBorne attacks have been found in several implementations of Bluetooth, including in Windows, Android, Linux and iOS. Experts discovered information disclosure and code execution flaws in Linux; one vulnerability that allows MitM attacks in Windows (CVE-2017-8628); four code execution, MitM and information disclosure vulnerabilities in Android (CVE-2017-0781, CVE-2017-0782, CVE-2017-0783 and CVE-2017-0785); and one code execution flaw in the Bluetooth Low Energy Audio protocol used by iOS.

Advertisement. Scroll to continue reading.

Google patched the weaknesses in Android with its September security updates. Microsoft told SecurityWeek it released fixes for Windows in July, but withheld disclosure until other vendors could develop and release updates. Apple has already addressed the vulnerabilities with the release of iOS 10 (one year ago) and Apple TV 7.2.2. Earlier versions of the Apple operating systems are still vulnerable to attacks.

The developers of Linux distributions have also been notified and are also said to be working on patches.

Armis has released some technical details  about each of the vulnerabilities, but it will only make the exploits available at a later date.

*Updated to clarify that Microsoft released patches in July

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...