Connect with us

Hi, what are you looking for?

HEADLINES

BlueBorne makes billions of devices potentially vulnerable to attack

A new Bluetooth exploit, known as BlueBorne, has been discovered to exploit a number of Bluetooth vulnerabilities, making billions of devices potentially vulnerable to attack, warns Fortinet.

While there is no evidence that such attack vectors currently exist in the wild, it is possible that proof-of-concept exploits exist in labs, or could easily be developed and released in the wild.

BlueBorne is a hybrid Trojan-Worm malware that spreads via Bluetooth. Because it includes worm-like properties, any infected system is also a potential carrier, and will actively search for vulnerable hosts. Unfortunately, vulnerable hosts can include any Bluetooth-enabled device, including Android, iOS, Mac OSX, and Windows systems.

The implications of this threat vector are far-reaching because Bluetooth is one of the most widely deployed and used connectivity protocols in the world. Everything from electronic appliances to smartphones uses it, as do a growing number of IoT devices, including smart TVs, smart car gadgets and even home security systems.

“Tackling the BlueBorne exploit is challenging because Bluetooth is not a communications protocol that is monitored and inspected by most network security tools. Therefore, traditional security devices such as intrusion detection systems will most likely not be able to detect BlueBorne attacks,” said David Maciejak, Director of Security Research, Fortinet. “Since this technology has not really been a focus for security researchers, it is highly likely that we will see an increase in attackers looking to exploit Bluetooth implementations in the future.”

Advertisement. Scroll to continue reading.

To protect yourself and your Bluetooth-enabled devices, you need to immediately do three things:

  • Disable Bluetooth on your devices unless it is absolutely needed. If you turn it on, then turn it off as soon as you are done using it.
  • Identify the devices you own or that are attached to your network. Closely monitor those manufacturers for Bluetooth updates.
  • Patch systems as soon as updates become available. Apple iOS was patched in 2016 with an iOS 10 release. Microsoft issued a patch for Windows this July. And Google is reportedly now working on distributing a patch.

The BlueBorne malware works by scanning for Bluetooth-enabled devices and then probing them to see if they have relevant vulnerabilities.

“Once a target is identified, the hack takes less than 10 seconds, and targeted devices don’t even need to accept an incoming connection in order to be compromised,” warned Maciejak. “Once a device has been compromised, attackers are able to run arbitrary commands on the device and even access and potentially steal data. The attack also immediately begins to seek out and spread to other vulnerable Bluetooth-enabled targets.”

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement