BlueBorne Attack: Millions of devices at Risk

Over 5.3 billion devices across windows, Linux, ios, and android are affected with a new attack vector called BlueBorne. Unless traditional attacks, this attack vector spreads over the air via Bluetooth and hacker does not need to pair with each device.

If Bluetooth is turned on, the hacker can get control of the device, spread the malware, all process will be undetectable by the victim.

Since attacker only requires the Bluetooth to be turned on, with BlueBorne attack the infected device can further connect to infect any other device such as laptops, smart watch, smart phone or any other Bluetooth enabled device.

There is no way of detecting or stopping the attack, as it is invisible. But thankfully there are security patches released for all the platforms that are affected.

How the Attack works ?

The BlueBorne attack vector has several stages. First, the attacker locates active Bluetooth connections around him or her. Devices can be identified even if they are not set to "discoverable" mode. Next, the attacker obtains the device’s MAC address, which is a unique identifier of that specific device. By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly. The attacker will then exploit a vulnerability in the implementation of the Bluetooth protocol in the relevant platform and gain the access he needs to act on his malicious objective. At this stage the attacker can choose to create a Man-in-The-Middle attack and control the device's communication, or take full control over the device and use it for a wide array of cybercriminal purposes. - Armis

CVE Details are listed below:

Platform : Windows (Bluetooth Driver)
CVE’s     : CVE-2017-8628
Severity  : Critical
Impact    : Spoofing Vulnerability

Platform : Linux (Bluetooth stack)
CVE’s     : CVE-2017-1000250, CVE-2017-1000251
Severity  : Critical
Impact    : Information Leak Vulnerability

Click here to understand, how Saner can help organizations to protect against “BlueBorne Attack” and similar threat’s on Windows.

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments