Did you know that you could be an easy target for hackers if your Bluetooth is turned on? No matter the device, you could be at risk.
Researchers at security firm Armis are warning users about a new attack vector leveraging Bluetooth that affects almost 5.3 billion devices across iOS, Android, Windows, and Linux. The BlueBorne technique, which spreads through the air, could allow an attacker to take complete control of affected devices, access corporate data and networks, penetrate even “secure” networks, and spread malware.
Worse yet, “the attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode,” the company wrote in a blog post. In fact, this attack requires no user interaction at all.
If a user simply has Bluetooth enabled, a hacker would be able connect to their device and spread malware—all without the user’s knowledge. Armis explained that because it propagates through the air, BlueBorne is “much more dangerous” than the majority of attacks today, which rely on the internet. This unusual attack method also allows hackers to bypass current security defenses since they don’t protect against “airborne threats” of this kind.
“BlueBorne can serve any malicious objective, such as cyber espionage, data theft, ransomware, and even creating large botnets out of IoT devices,” Armis said.
Armis has uncovered eight associated zero-day vulnerabilities, four of which are classified as “critical.” The company has reported these flaws to affected companies — including Google, Microsoft, Apple, Samsung, and Linux — and is working with them to get patches deployed.
Armis strongly advises that you disable Bluetooth on any devices if you are worried.
If you would like to educate yourself further or to view the original content, please visit: https://www.pcmag.com/news/356174/blueborne-bluetooth-attack-puts-5-billion-devices-at-risk