New Bluetooth vulnerabilities expose billions of devices to hacking

Billions of Bluetooth-enabled devices are exposed to a number of recently discovered vulnerabilities that allow a hacker to access and take control of devices, install malware and undertake other malicious activities, according to newly published research.

Discovered by security firm Armis Labs Inc. and dubbed “BlueBorne,” the vulnerability affects major mobile, desktop, and IoT operating systems, including Android, iOS, Windows and Linux. It’s spread over the air and attacks devices via an open Bluetooth connection without the need for a device to be paired.

The attack takes advantage of at least eight newly discovered vulnerabilities present in a standard Bluetooth driver installation. Once through the door, hackers can not only attack the targeted device but also use it for “man in the middle attacks,” a form of attack where the device is used to attack other devices on a network.

“The BlueBorne attack vector has several qualities which can have a devastating effect when combined,” Aramis said in a blog post. “By spreading through the air, BlueBorne targets the weakest spot in the networks’ defense – and the only one that no security measure protects. Spreading from device to device through the air also makes BlueBorne highly infectious. Moreover, since the Bluetooth process has high privileges on all operating systems, exploiting it provides virtually full control over the device.”

The good news is that patches have either been issued or are on their way for major operating systems. Google Inc. and Microsoft Corp. have already issued updates that fix the vulnerabilities, and the Linux Foundation plans to release a patch to the Linux kernel shortly. Apple products running the latest version of iOS are not affected, but those running older versions of the operating system are.

Conversely, the bad news is that many devices don’t get updated. For example, Android devices are notorious for lacking security updates or having to wait a long time to receive them, leaving millions and potentially billions of Android devices at risk.

In an email to SiliconANGLE, a spokesperson for Aramis said that business should be aware that current endpoint protection, mobile data management, firewalls and network security solutions are not designed to identify this kind of vulnerability and associated exploits.

“New solutions … are entering the marketplace specifically designed to discover, profile and sanction devices on or off the corporate network, as well identify the connections they make, including device-to-device connections. Security professionals should look into these types of solutions as they assess their exposure.”

Image: Aramis

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.