Bluetooth attack can take over phones, computers over the air

Unlike most malicious code, which requires an internet connection or needs a link to be clicked, BlueBorne is airborne and does not need permission. "You sit with a computer with a Bluetooth-enabled radio, just scanning for devices saying, 'Hey, is anybody out there?' Then you start prodding those devices to look for things like the operating system and the Bluetooth version". Such an attack could also spread quickly by transmitting the malicious exploit from device to device through Bluetooth connectivity.

So far, these zero-day holes have been cracked wide open as part of lab testing. The company also believes many more vulnerabilities are out there to be exploited.

The patch issued by Google was sent to device manufacturers a month ago, but because Android has a variety of partners, the delivery time of the patch could differ depending on the handset or device people now use.

But what makes this vulnerability so worrying is the fact that Bluetooth is available in pretty much all connected devices, from smartphones, laptops and tablets to smart TVs and IoT devices. This can lead to the creation of massive botnets.

Conversely, the bad news is that many devices don't get updated. Android devices, for example, are notorious for lacking security updates or having to wait a long time to receive them, leaving millions, potentially billions, of Android devices at risk. "Companies don't monitor these types of device-to-device connections in their environment, so they can't see these attacks or stop them".

The Bluetooth Pineapple vulnerability allows an attacker to create a MITM attack using only a Bluetooth-connected device, without the special equipment that is often required for Wi-Fi interception. The vulnerabilities' impact varies based on operating system.

So what's next? Armis Security notified significant third parties after it discovered the vulnerability, said Walker.

They warned that the vulnerabilities are fully operational and could be used to carry out a wide range of attacks, including remote code execution and man-in-the-middle attacks.

But, in the meantime, users can also protect themselves by simply switching off Bluetooth on their devices. Through this vulnerability, an attacker can get hold of your phone without even physically approaching it.

Apple fixed the vulnerability for its devices with an update to iOS 10, which 89 percent of all iOS device users have updated to.

All versions of Windows from Vista onwards are vulnerable to BlueBorne and thus require Microsoft's latest patch release, which should have gone live on 12 September.

A nearly identical man-in-the-middle issue was found in the Android Bluetooth stack.

The spec's complexity, Armis contends, has prevented researchers from thoroughly investigating its various implementations for flaws, leaving it full of holes. An attacker can use this to observe all traffic and steal authentication information. Google patched the flaws in its September Android Security Bulletin. On the other hand, there have been longstanding issues with deploying patches to Android devices. This was on the unpatched Pixel device, though, and it does not seem that it can be recreated on a device with the patch installed. The impacted devices don't need to connect to anything, and the attack can even work when the Bluetooth on the victim device is already paired to something else.