what is blueborne
Blueborne is the latest attack vector which is endangering mobile phones, computers, operating systems such as iOS, Linux and Android.
Hackers can exploit bluetooth connections and penetrate a device, thus taking full control of the device.
The attack does not require any bluetooth pairing with the attacker or to be set to discoverable.
What Does It Do?
The Virus allows the attacker to:
- control the device affected
- access data of the device
- penetrate secured air-gapped networks
- spread malware to adjacent devices.
The blueborne virus can be used to conduct a large range of offenses such as remote code execution and Man-in-the-middle attack.
we recommend disabling Bluetooth, and minimizing its use until you can confirm a patch is issued and installed on your device.
How Does It Spread?
Blueborne spreads through the air unlike traditional malware or attacks, the user does not have to click on a link or download a questionable file.
No action by the user is necessary to enable the attack.
Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with.
This means a Bluetooth connection can be established without pairing the devices at all.
This makes BlueBorne one of the most broad potential attacks found in recent years, and allows an attacker to strike completely undetected.
It targets the weakest spot in the networks security.
Spreading through air makes the virus highly infectious since bluetooth process has high privilages on all Os.
BlueBorne can serve any malicious objective, such as cyber espionage, data theft, ransomware, and even creating large botnets out of IoT devices.
What Devices Are Affected?
All Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions are affected by four vulnerabilities found in the Android Os.
Two of these vulnerabilities allows remote code execution.
One results in information leak and the last allows an attacker to perform a Man-in-The-Middle attack.
Examples of impacted devices:
Samsung Galaxy Tab
LG Watch Sport
Pumpkin Car Audio System
All Windows computers since Windows Vista are affected by the Bluetooth Pineapple vulnerability which allows an attacker to perform a Man-in-The-Middle attack.
Linux distributions have started to push updates as well, please look for specific updates made by your distribution.
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected.
We recommend you upgrade to the latest iOS or tvOS available.
How to Avoid Blueborne Virus
If you are concerned that your device may not be patched, we recommend disabling Bluetooth, and minimizing its use until you can confirm a patch is issued and installed on your device.
Current security measures, including endpoint protection, mobile data management, firewalls, and network security solution are not designed to identify these type of attacks, and related vulnerabilities and exploits, as their main focus is to block attacks that can spread via IP connections.