PSA: BlueBorne is the exploit all mobile device users need to be wary about
Researchers from security firm Armis have discovered an attack that uses Bluetooth to hack a wide range of devices on almost every platform. These include Android, Linux, and Windows machines that haven’t applied the patch issued in July.
Dubbed BlueBorne by the researchers, the attack can compromise any device with Bluetooth on without requiring the user to click on any links, connect to any device, or take any action other than to leave Bluetooth on. Apparently the exploit process is very fast too, requiring only 10 seconds to complete. And it works even if your device is already paired to another Bluetooth device.
“Just by having Bluetooth on, we can get malicious code on your device,” Nadir Izrael, CTO and cofounder of security firm Armis, told Ars Technica. “BlueBorne abuses the fact that when Bluetooth is on, all of these devices are always listening for connections.”
As mentioned above, Microsoft has already issued a patch for the vulnerabilities for Windows machines. According to Ars, a Microsoft representative said Windows Phone was never vulnerable. Google, meanwhile, provided a patch last month to device manufacturers. It plans to make the patch available for users of the Pixel XL and other Google-branded phones, but it may take weeks before over-the-air fixes are available to users. Izrael said he expects Linux to release a fix soon. Apple’s iOS prior to version 10 was also vulnerable.
Android and Linux based machines most at risk, because the Bluetooth implementations in both operating systems are vulnerable to memory corruption exploits that let a hacker execute virtually any code. The Bluetooth functionality in both OSes also run with high system privileges, so the resulting infection is able to gain access to sensitive system resources and survive multiple reboots.
It doesn’t help that most Linux devices don’t use address space layout randomization to prevent buffer overflow exploits. Android devices do, but a separate vulnerability in the Android Bluetooth implementation leaks information about where key processes are running, which can then be exploited.
Against unpatched Windows machines, Armis researchers were able to intercept network traffic to and from Windows computers and modify that data at will. Meaning, attackers could use BlueBorne to bypass firewalls and gather sensitive data or tamper with it while it’s in transit. The Android implementation is vulnerable to the same attack.
The videos below demonstrate attacks on the various platforms.
More Info: www.hardwarezone.com.sg