Security researchers have warned that billions of Windows, Android, Linux and iOS devices that use Bluetooth could be affected by a new attack that can be carried out remotely without user interaction.
Armis Labs, a company that specializes in protecting Internet of Things (IoT) devices, recently found eight Bluetooth implementation vulnerabilities that expose desktop, mobile, and IoT systems to the so-called “BlueBorne” attack.
Armis Labs claims that the only thing the attack needs is for Bluetooth to be enabled on the targeted device. It does not require any pairing between the victim's device and the hacker’s device, and the targeted device does not need to be discoverable.
This means that any hacker within range of the targeted device can exploit one of the several Bluetooth implementation vulnerabilities, which can lead to remote code execution, information disclosure or man-in-the-middle (MitM) attacks.
To deploy an exploit to a platform, the hacker only needs to know which operating system the target uses.
The BlueBorne attack does not require the targeted user to click on a link or open a file, and the malicious activity can take place in the background, making it less likely that the victim will notice anything wrong.
Because BlueBorne uses Bluetooth, which is a less common attack vector, many security solutions may not detect the malicious activity.
Malicious actors can exploit the flaws to deliver ransomware as well as other types of malware. According to Armis Labs, this technique can also be used to create a worm that spreads from one device to another via Bluetooth.
The security firm showed that a hacker can exploit one BlueBorne vulnerability to launch MitM attacks against Windows computers and redirect the victim’s browsing session to a phishing website. Another video shows an attacker taking control of a Samsung smartwatch running the Linux-based Tizen operating system and eavesdropping on its owner.
The experts discovered vulnerabilities allowing BlueBorne attacks in several implementations of Bluetooth, including Android, Windows, iOS, and Linux. The researchers found information disclosure and code execution flaws in Linux; one vulnerability that allows MitM attacks in Windows (CVE-2017-8628); four code execution, MitM and information disclosure vulnerabilities in Android (CVE-2017-0781, CVE-2017-0782, CVE-2017-0783 and CVE-2017-0785); and one code execution flaw in the Bluetooth Low Energy Audio protocol used by iOS.
Google patched the flaws in Android with its September security updates.
Apple has addressed the vulnerabilities with the iOS 10 release and Apple TV 7.2.2. However, older versions of its operating systems remain vulnerable to malware attacks.
The developers of Linux distributions have also been alerted to the issue and are working on patches.
Users can find some technical details about each vulnerability in the paper released by Armis Labs.