Every day, security researchers try to identify issues in security systems in operating systems and devices all over the world. They do so in order to prevent exploitation of system vulnerabilities by identifying them sooner and applying security patches. Since attackers continue to come up with new attack vectors, researchers continuously try to broaden their horizons as well. The result of this practice is the discovery of a new vulnerability in devices that support Bluetooth technology. Named BlueBorne, this vulnerability can possibly affect billions of devices.
What is BlueBorne?
BlueBorne is a Bluetooth vulnerability which allows attackers to infiltrate your device within seconds. Since a lot of devices, such as smartphones, tablets, computers, Smart TVs, and even IoT devices, support Bluetooth, this vulnerability could potentially affect over a billion devices. Security researchers found as many as 8 zero-day vulnerabilities.
BlueBorne exploits vulnerabilities in the Bluetooth technology of all operating systems. Since Bluetooth is not usually used for penetrating a device, this is a vulnerability that wasn’t discovered until recently, when IoT security firm Armis Labs published its report. The fact that Bluetooth has a lot of privileged permissions on any device means that someone exploiting this BlueBorne virus could spy on your device, steal your data, install ransomware on your device, or even use it to create a system of botnets.
This is quite a big concern since it leaves your device at the attacker’s mercy. Still more worrying is the fact that all this can be accomplished in under 10 seconds, and you won’t even know what happened. Traditional endpoint and network security measures are useless against this attack since it does not use an internet connection to hijack your device.
How BlueBorne Attacks Your Device
BlueBorne is a unique method of attack. Contrary to your usual viruses and malware, it does not require you to download a file knowingly or unknowingly. Instead, it only requires that you keep your Bluetooth turned on, and you are within the range of the attacker. Once these requirements are met, the attack takes place in the following manner:
- The attacker will connect with your device via Bluetooth
- The attacker will obtain the MAC address of your device. This is a unique identifier and reveals information about the OS running on the device.
- Once the attacker knows what operating system your device is running on, they can tweak the exploit according to your particular operating system and cause all kinds of problems within seconds
The reason why people are really concerned about this vulnerability is because it gives almost full access of a device to the attacker in as little as ten seconds. Researchers at Armis Labs, who found this vulnerability, explained that the Bluetooth process in any device has high privileges. This means that if this process is successfully exploited, the attacker will virtually have full access to the victim’s device. It’s not hard to imagine what this kind of vulnerability can lead to. Anything from cyber espionage to installing ransomware or stealing your data is possible using BlueBorne. It is quite superior to the current attack vectors since it penetrates air-gapped networks that aren’t even connected to the internet.
Security Patches By Leading Companies
Armis Labs, the IoT security firm responsible for this discovery, gave its report to companies like Microsoft, Apple, and Google a few months before it was made public. This was done in order to ensure that these companies, which are responsible for running of over 5 billion devices worldwide, could take suitable measures to protect people. Below is a list of vulnerabilities:
- Apple Low Energy Audio Protocol Remote Code Execution vulnerability (CVE Pending)
- The Bluetooth Pineapple in Windows—Logical flaw (CVE-2017-8628)
- Linux kernel Remote Code Execution vulnerability (CVE-2017-1000251)
- Linux Bluetooth stack (BlueZ) information leak vulnerability (CVE-2017-1000250)
- Information Leak Vulnerability in Android (CVE-2017-0785)
- Remote Code Execution Vulnerability (CVE-2017-0782) in Android BNEP’s Personal Area Networking (PAN) profile
- Remote Code Execution Vulnerability (CVE-2017-0781) in Android’s Bluetooth Network Encapsulation Protocol (BNEP) service
- The Bluetooth Pineapple in Android—Logical flaw (CVE-2017-0783)
This warning did not go unheeded, as all providers have done their part to secure their customers. Microsoft released a security update for Windows 10 users in July. This update contains a security patch which prevents the user from being victimized by BlueBorne. If you have your device set to update automatically, you are protected. If not, it’s time to update it. Apple was quick to solve this issue as well. All users running iOS 10 or later on their devices are immune to this attack. Those who are using iOS 9.3.5 or older are still vulnerable to the BlueBorne attack.
As for Google, it sent a security patch to its Android partners. However, this update is only effective for devices running Android Marshmallow or higher. Moreover, the security patch is yet to be rolled out to all devices that will be protected once it arrives. Android has faced this issue a few times in the past, where there’s a delay in security updates becoming available to users due to delay from the providers’ end. Linux users also have a security fix for this issue. Those with Linux BlueZ, Tizen OS, and 3.3-rc1 are vulnerable to BlueBorne.
How to Stay Safe
This vulnerability is one that you can’t really handle alone, once your device is infected with it. The best way to be safe is to prevent your device from getting infiltrated. For those who are using older versions of operating systems which do not have this security patch, you should switch to the newer version so that you are protected from BlueBorne. But as a general rule, it’s best that you keep your Bluetooth turned on only for a short period, and only when you have to connect to another device.
Make sure you keep it on for a very limited time and ensure that you always turn it off and keep it off when not in use. You might think that no one can connect to your device unless it is paired with it, but that’s not the case. If your Bluetooth is on, it will continuously search for devices within its range. This is nothing short of an open invitation for an attacker on the lookout to exploit the BlueBorne vulnerability.
More updates and patches will likely be released in the coming weeks to ensure that no one suffers from a BlueBorne attack. Until then, follow the precautions mentioned above, and make sure you stay protected from all kinds of threats. You should always use quality antivirus software like Norton or McAfee so that your system remains protected from as many threats as possible. Hackers constantly try to come up with new attack vectors, but these antivirus software options have regular updates and patches to keep you protected.
As of now, the technical know-how and sophistication required to truly exploit BlueBorne is something that is not found in many hackers. Although the security researchers at Armis Labs pointed to this fact as a consolation, they were quick to mention that this is one of the most lucrative new prospects for malicious users.
This new development shows how dangerous using technology can be when you don’t fully understand the dangers. As we reach newer heights in the technological sphere, malicious users are busy finding new ways to take advantage of the new innovations. Security researchers are constantly trying to thwart their attempts before they can cause serious harm to users. However, it’s just as important for you to stay up to date and follow the right security measures to stay protected.
To learn more about staying safe online, and to read about the leading antivirus software, check out these reviews.