New Bluetooth vulnerabilities expose billions of devices to hacking

Billions of Bluetooth-enabled devices are exposed to a number of recently discovered vulnerabilities that allow a hacker to access and take control of devices, install malware and undertake other malicious activities, according to newly published research.

Discovered by security firm Armis Labs Inc. and dubbed “BlueBorne,” the vulnerability affects major mobile, desktop, and IoT operating systems, including Android, iOS, Windows and Linux. It’s spread over the air and attacks devices via an open Bluetooth connection without the need for a device to be paired.

The attack takes advantage of at least eight newly discovered vulnerabilities present in a standard Bluetooth driver installation. Once through the door, hackers can not only attack the targeted device but also use it for “man in the middle attacks,” a form of attack where the device is used to attack other devices on a network.

“The BlueBorne attack vector has several qualities which can have a devastating effect when combined,” Aramis said in a blog post. “By spreading through the air, BlueBorne targets the weakest spot in the networks’ defense – and the only one that no security measure protects. Spreading from device to device through the air also makes BlueBorne highly infectious. Moreover, since the Bluetooth process has high privileges on all operating systems, exploiting it provides virtually full control over the device.”

The good news is that patches have either been issued or are on their way for major operating systems. Google Inc. and Microsoft Corp. have already issued updates that fix the vulnerabilities, and the Linux Foundation plans to release a patch to the Linux kernel shortly. Apple products running the latest version of iOS are not affected, but those running older versions of the operating system are.

Conversely, the bad news is that many devices don’t get updated. For example, Android devices are notorious for lacking security updates or having to wait a long time to receive them, leaving millions and potentially billions of Android devices at risk.

In an email to SiliconANGLE, a spokesperson for Aramis said that business should be aware that current endpoint protection, mobile data management, firewalls and network security solutions are not designed to identify this kind of vulnerability and associated exploits.

“New solutions … are entering the marketplace specifically designed to discover, profile and sanction devices on or off the corporate network, as well identify the connections they make, including device-to-device connections. Security professionals should look into these types of solutions as they assess their exposure.”

Image: Aramis

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy