Home / Explore Technology / Security / BlueBorne Bluetooth Attack Puts 5 Billion Devices at Risk

BlueBorne Bluetooth Attack Puts 5 Billion Devices at Risk

Do you have a device with Bluetooth capabilities? We have some potentially bad news.

SecurityWatchResearchers at security firm Armis are warning users about a new attack vector leveraging Bluetooth that affects almost 5.3 billion devices across iOS, Android, Windows, and Linux. The BlueBorne technique, which spreads through the air, could allow an attacker to take complete control of affected devices, access corporate data and networks, penetrate even "secure" networks, and spread malware.

Worse yet, "the attack does not require the targeted device to be paired to the attacker's device, or even to be set on discoverable mode," the company wrote in a blog post. In fact, this attack requires no user interaction at all.

If a user simply has Bluetooth enabled, a hacker would be able connect to their device and spread malware—all without the user's knowledge. Armis explained that because it propagates through the air, BlueBorne is "much more dangerous" than the majority of attacks today, which rely on the internet. This unusual attack method also allows hackers to bypass current security defenses since they don't protect against "airborne threats" of this kind.

"BlueBorne can serve any malicious objective, such as cyber espionage, data theft, ransomware, and even creating large botnets out of IoT devices," Armis said.

Armis has uncovered eight associated zero-day vulnerabilities, four of which are classified as "critical." The company has reported these flaws to affected companies — including Google, Microsoft, Apple, Samsung, and Linux — and is working with them to get patches deployed.

Related

Apple mitigated the flaw in iOS 10, but all iPhones, iPads, and iPod touch devices with iOS 9.3.5 or lower, and Apple TV devices with version 7.2.2 or lower are at risk. Google, meanwhile, has issued a security update for Android version 7.0 Nougat and 6.0 Marshmallow and notified its partners about it. This threat, however, affects "all Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions," Armis said.

Microsoft on Tuesday issued security patches to protect supported versions of Windows against this threat. The Linux team is also working to issue patches.

If you're worried, Armis recommends disabling Blutooth and using it as little as possible.

Read more

Check Also

Facebook, YouTube Still Struggling To Stop Terrorist Content

Despite efforts to crack down on terrorist propaganda, Facebook, Instagram, YouTube and Google are failing to catch large swaths of it, says new research.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.