BlueBorne concerns us because of the medium by which it operates. Unlike the majority of attacks today, which rely on the internet, a BlueBorne attack spreads through the air.
Airborne attacks, unfortunately, provide a number of opportunities for the attackers.
Spreading through the air renders the attack much more contagious and allows it to spread with minimum effort.
Armis Labs revealed this new attack vector Called “Blueborne”. The exploit can manipulate within a Bluetooth range of your laptop, phone, car, or anything else that runs including Android, iOS, Windows, and Linux.
It simply gains control over the device without any action from the user.
What Is BlueBorne?
- BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to take complete control over targeted devices.
- BlueBorne affects ordinary computers, mobile phones
- The attack does not require the targeted device to be paired to the attacker’s device or even to be set on discoverable mode.
- The scary part is what happens after the connection is made.
- An attacker can act as the logged in user.
Armis contacted to the major companies like Google, Microsoft, Apple, Samsung and Linux regarding this security issue and they all responded well to this issue.
Microsoft issued security patches to all supported Windows versions on July 11, 2017
Google has issued a security update patch and notified its partners. It was available to Android partners on August 7th, 2017 and Android users should verify that they have September 9, 2017, Security Patch Level.
Linux pushed patches to the upstream projects in addition to resolve those vulnerabilities.
In Apple iOS 10 this vulnerability is no more.
Google’s Android is widespread across the third-party manufacturers and they might not patch out the vulnerability in time. Google released protective patches for Nougat (7.0) and Marshmallow (6.0) as a result of its September security update.
Bluetooth’s short range means an attacker has to be near you to use the Blueborne exploit.
If you see the screen turn on, therefore, you should look and see why. This is the biggest “flaw” in the exploit and It will turn your screen on if someone tries to do anything while connected.
At the end, we are strongly recommending you to Shut Bluetooth off while you’re not using it and don’t leave your phone unattended.