BlueBorne Attack: Millions of Devices at Risk


Over 5.3 billion devices across Windows, Linux, iOS, and Android are affected by a new attack vector called BlueBorne. Unlike traditional attacks, this attack vector spreads over the air via Bluetooth, and the hacker does not need to pair with each device. A good vulnerability management tool can significantly reduce attacks of this kind and help create a safe and secure environment for your organization.

If Bluetooth is turned on, the hacker can take control of the device and spread malware, and the whole process goes undetected by the victim.

Since the attacker only requires Bluetooth to be turned on, a device infected through the BlueBorne attack can go on to connect to and infect any other Bluetooth-enabled device, such as a laptop, smartwatch, or smartphone. Vulnerability management software can automatically detect any form of vulnerability.

There is no way of detecting or stopping the attack, as it is invisible. Thankfully, security patches are being released for all the affected platforms.
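Since the only precondition described above is that Bluetooth is turned on, a defender can inventory which Linux hosts have an enabled Bluetooth radio while patches roll out. The script below is an added example, not part of the original post: it assumes the Linux rfkill sysfs layout (`/sys/class/rfkill/rfkillN/{type,name,soft,hard}`), and the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# bt_radio_audit [RFKILL_DIR]
# Prints one line per Bluetooth radio: "<name> enabled|soft-blocked|hard-blocked".
# Returns 1 if at least one Bluetooth radio is enabled, 0 otherwise.
bt_radio_audit() {
    dir="${1:-/sys/class/rfkill}"
    exposed=0
    for node in "$dir"/rfkill*; do
        # Skip unmatched globs and non-Bluetooth radios (wlan, nfc, ...).
        [ -r "$node/type" ] || continue
        [ "$(cat "$node/type")" = "bluetooth" ] || continue
        name=$(cat "$node/name" 2>/dev/null || echo unknown)
        # A missing attribute is treated as "not blocked" (conservative).
        soft=$(cat "$node/soft" 2>/dev/null || echo 0)
        hard=$(cat "$node/hard" 2>/dev/null || echo 0)
        if [ "$hard" = "1" ]; then
            state="hard-blocked"      # physical switch: radio is off
        elif [ "$soft" = "1" ]; then
            state="soft-blocked"      # disabled in software
        else
            state="enabled"           # radio is on: precondition is met
            exposed=1
        fi
        printf '%s %s\n' "$name" "$state"
    done
    return "$exposed"
}

# Helpers that build a constructed sample tree, so the audit can be tried
# on a machine that has no Bluetooth hardware.
write_node() {  # write_node DIR TYPE NAME SOFT HARD
    mkdir -p "$1"
    echo "$2" >"$1/type"; echo "$3" >"$1/name"
    echo "$4" >"$1/soft"; echo "$5" >"$1/hard"
}
make_sample_tree() {
    root=$(mktemp -d)
    write_node "$root/rfkill0" bluetooth hci0 0 0   # enabled
    write_node "$root/rfkill1" wlan      phy0 0 0   # not Bluetooth, ignored
    write_node "$root/rfkill2" bluetooth hci1 1 0   # soft-blocked
    echo "$root"
}

# Audit the local host; prints nothing if there is no Bluetooth radio.
bt_radio_audit || echo "at least one Bluetooth radio is enabled"
```

An enabled radio only means the precondition is met; whether the host carries the fixes for the CVEs listed below has to be checked separately.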


How does the Attack work?

The BlueBorne attack vector has several stages. First, the attacker locates active Bluetooth connections around him or her. Devices can be identified even if they are not set to "discoverable" mode. Next, the attacker obtains the device’s MAC address, which is a unique identifier of that specific device. By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly. The attacker will then exploit a vulnerability in the implementation of the Bluetooth protocol in the relevant platform and gain the access he needs to act on his malicious objective. At this stage the attacker can choose to create a Man-in-The-Middle attack and control the device's communication, or take full control over the device and use it for a wide array of cybercriminal purposes. - Armis


CVE details for the BlueBorne attack are listed below:

Platform : Windows (Bluetooth Driver)
CVEs      : CVE-2017-8628
Severity  : Critical
Impact    : Spoofing Vulnerability


Platform : Linux (Bluetooth stack)
CVEs      : CVE-2017-1000250, CVE-2017-1000251
Severity  : Critical
Impact    : Information Leak Vulnerability

