Newly discovered Bluetooth vulnerability exposes billions of devices

Using Bluetooth is a convenient way to exchange data between devices and to connect wireless peripherals. It is supported on billions of desktop PCs, laptops, phones, and other devices, most of which are susceptible to a new attack vector that has been dubbed "BlueBorne."

What makes BlueBorne so dangerous is that it does not require any interaction with a device's user. Simply having Bluetooth turned on is enough for BlueBorne to work its malicious magic. Just as frightening is that it can spread through the air and attack other nearby devices, a trait that has drawn comparisons to the WannaCry ransomware that initially spread like wildfire.

"BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode," explains Armis Labs, an IoT security outfit.

Armis Labs claims to have identified eight zero-day vulnerabilities so far, and believes that many more await discovery. Of the estimated 8.2 billion devices that use Bluetooth, BlueBorne affects nearly 5.3 million of them across Windows, Linux, Android, and iOS.

[Embedded YouTube video]

Most attack vectors require a user to click on a malicious link or download a file containing a payload. That is not the case here. BlueBorne does not even require an Internet connection. It spreads locally over the air via Bluetooth. An attacker doesn't even need to pair a device with a target system in order to exploit this vulnerability.

In the above video, Armis Labs uses an example of a delivery person with an infected phone. As he makes deliveries to different locations, including relatively secure ones such as banks, BlueBorne is able to spread to multiple Bluetooth devices. Each of those devices then becomes a carrier of the malware.

"This works similarly to the two less extensive vulnerabilities discovered recently in a Broadcom Wi-Fi chip by Project Zero and Exodus. The vulnerabilities found in Wi-Fi chips affect only the peripherals of the device, and require another step to take control of the device. With BlueBorne, attackers can gain full control right from the start. Moreover, Bluetooth offers a wider attacker surface than Wi-Fi, almost entirely unexplored by the research community and hence contains far more vulnerabilities," Armis Labs added.

As it pertains to Windows, every version since Vista is affected. Microsoft is planning to roll out security patches today that address the issue, so be on the lookout for your particular version of Windows. Also keep an eye out for patches applicable to any mobile devices and platforms you use.

Update

So the report from Armis Labs is a little confusing, but apparently Microsoft patched this vulnerability in July, albeit without disclosing exactly what it was fixing.

"Microsoft released security updates in July and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates," a Microsoft spokesperson said.

If you do not have automatic updates enabled, it is recommended that you grab the latest patches.

Paul Lilly
