The security company Armis has discovered a set of eight exploits that make it possible to compromise the connections of virtually any Bluetooth device. The new attack vector has been named BlueBorne, and it can affect any device you use, whether smartphone, laptop or IoT device.
The attack does not require the victim to interact with the attacking device. This means an attacker can take control of your device without you having to connect to anything in particular with it. The researchers who discovered the flaw have already contacted the affected manufacturers, so although an estimated 5 billion devices are vulnerable, fixes for most of them should not be long in coming.
How the attack works
As the video published by Armis to explain the attack vector shows, the big difference from the vast majority of exploits is that the victim does not need to visit a website, download an infected file, or be paired with any particular device.
Having Bluetooth enabled is enough for an attacker to connect to your device without you noticing and infect it with whatever malware they choose. This means that a device infected with BlueBorne can infect any device around it that has Bluetooth enabled, and those devices, once infected, can in turn spread the malware inadvertently.
The attack seems to come straight out of a movie or a series like Mr. Robot, because with this exploit any device can be infected with ransomware or any other malware just by being near it. That is quite worrying at a time when devices such as wireless headphones mean we leave Bluetooth switched on almost all the time.
In this other video we can see that an attacker needs a little more than a minute to connect to an Android phone next to him. Once connected, he can take control of the device, open applications such as the camera and retrieve the photos taken, or install any application or malware he wants without the phone's owner noticing.
The process is as follows. The attack starts by locating the devices around it and forcing them to give up information about themselves, and even to reveal their passwords. The attacker then only has to connect to the device, and once connected has full control to carry out “man-in-the-middle” attacks or anything else.
As the researchers explained, the attack is possible because of vulnerabilities in the Bluetooth Network Encapsulation Protocol (BNEP), which is what allows Internet sharing over a Bluetooth connection. The flaw makes it possible to trigger memory corruption and execute code on the device, giving the attacker total control.
Practically all systems are vulnerable
In internal tests, the research group that discovered the vulnerability managed to take control of Android devices such as the Google Pixel, Samsung Galaxy, Galaxy Tab, LG Watch Sport and the Pumpkin car audio system. The same goes for other Linux devices such as the Samsung Gear 3 and Samsung Smart TV, all iPhone, iPad and iPod Touch devices with iOS 9.3.5 and above, and AppleTV devices with version 7.2.2.
They have also tested it successfully on computers running Windows versions from Windows Vista onward, and on all GNU/Linux devices starting with kernel version 3.3-rc1, released in October 2011. In short, there is no debate here about which operating system is safer, because all of them are vulnerable.
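As an added example (not from Armis or the original article), the POSIX shell script below checks a Linux host against the two conditions described here: a kernel at or after 3.3 and the Bluetooth/BNEP modules loaded. The function names and status strings are made up for illustration, the module lines are constructed sample data, and because the article gives no fixed kernel version the script cannot tell whether a patch is already installed.

```shell
#!/bin/sh
# Added example: report whether a Linux host meets the exposure conditions
# the article gives (kernel 3.3-rc1 or later, Bluetooth stack loaded).
# Assumption: names and status strings below are illustrative only.

# Return 0 if a `uname -r` style release is 3.3 or later, 1 if older,
# 2 if the string cannot be parsed.
kernel_at_least_3_3() {
    major=${1%%.*}              # text before the first dot
    rest=${1#*.}                # text after the first dot
    minor=${rest%%[!0-9]*}      # leading digits of what follows
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    [ -n "$minor" ] || return 2
    [ "$major" -gt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -ge 3 ]; }
}

# Read /proc/modules-format lines on stdin and print the loaded Bluetooth
# core and BNEP modules. A kernel with Bluetooth built in (not a module)
# will not show up here, so an empty result is not proof of safety.
bt_modules_loaded() {
    awk '$1 == "bluetooth" || $1 == "bnep" { print $1 }' | sort | tr '\n' ' '
}

# Print a one-line status for release $1 and the module list on stdin.
exposure_status() {
    kernel_at_least_3_3 "$1" && rc=0 || rc=$?
    case $rc in
        1) echo "kernel-outside-range"; return 0 ;;
        2) echo "unknown-kernel"; return 0 ;;
    esac
    mods=$(bt_modules_loaded)
    if [ -n "$mods" ]; then echo "exposed: ${mods% }"
    else echo "bluetooth-inactive"; fi
}

# Constructed sample in /proc/modules format (not captured from a real host).
SAMPLE_MODULES='bnep 20480 2 - Live 0x0000000000000000
bluetooth 557056 41 bnep,btusb, Live 0x0000000000000000
ext4 737280 1 - Live 0x0000000000000000'

printf '%s\n' "$SAMPLE_MODULES" | exposure_status "4.4.0-93-generic"

# On a live Linux host, run the same check against the real module list.
if [ -r /proc/modules ]; then
    exposure_status "$(uname -r)" < /proc/modules
fi
```

A host reported as exposed still needs its vendor's update status checked; until then, turning Bluetooth off removes the condition the script looks for.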
Armis researchers notified Google and Microsoft on April 19, Apple and the Linux team in August, and Samsung repeatedly in April, May and June. Google, Microsoft and the Linux kernel security team have already responded by communicating the problem to their developers in a coordinated way. Samsung, for its part, has not yet responded.
As for Apple, the Cupertino company has stated that the vulnerability does not affect the latest versions of its systems. This means that if your iPhone is up to date you should not have problems, although if you have a device that no longer receives software updates you should take extreme precautions.
Fixes are on the way
Now that all the companies responsible for the software on our mobile devices have been notified, it is only a matter of time before updates that fix the problem start to arrive. In fact, Armis did not publish the information about BlueBorne until it had confirmed that they were already working on it, to minimize the risk of someone taking advantage of the exploit.
So do not panic. Of course, until you receive the imminent next security update, you should take extreme precautions and keep an eye on your device. On the positive side, your phone will “wake up” if someone connects to it with this exploit, so with a little attention you can tell that something strange is happening and turn off Bluetooth.
This vulnerability is a clear example of the security challenges that new technologies face. We live in the age of “everything connected”, a trend that will continue with the Internet of Things, so vulnerabilities such as BlueBorne can affect millions of devices.