Research firm Armis has taken the lid of a malicious new attack that potentially makes as many as 5.3 billion devices across platforms vulnerable to malware. This attack vector uses Bluetooth to infect devices with malware without being detected by the victim, and can affect Windows, Linux, Android, and iOS devices alike. The researchers have informed Microsoft, Google, Linux, and Apple about the new ‘BlueBorne’ attack, and some of these companies have even rolled out patches for it.
BlueBorne is particularly dangerous because it doesn’t require a URL link to open, or a file to download, or for the device to even be on the Internet to be infected by malware. It spreads locally via Bluetooth, and the hacker does not need to pair with the device to infect it. The only pre-condition is that Bluetooth needs to be turned on, and then the hacker can easily connect to the device, take control, and spread malware, all of this without ever letting the user know that his device is compromised.
“Armis has also disclosed eight related zero-day vulnerabilities, four of which are classified as critical. BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure ‘air-gapped’ networks, and spread malware laterally to adjacent devices,” the company notes on its website.
What is even more dangerous is that BlueBorne is infectious, and it spreads malware to all devices, be it smartphones, tablets, wearables, laptops, PCs, or other connected devices running on Linux, Windows, Android, or iOS. So if the hacker is able to infect one device, that device can in turn then infect other devices in vicinity (with their Bluetooth turned on) without the knowledge of the victim. So for example, if your device gets infected, you can then potentially infect others just by walking past them, and no-one would realise that any malicious deed just took place.
This could potentially give the hacker access and help infect secure systems of banks, and other institutions without being detected. Armis notes that all devices running on iOS 9.3.5 and above are vulnerable, but fortunately, Apple has released a patch for this with iOS 10, fixing all issues. Microsoft also released an update recently to close this bug, and Google has also released protective patches for Nougat and Marshmallow with the September security update. However, while devices that are in the hands of Google for software support have received the much needed fix, all other Android devices will need to rely on third-party manufacturers, to issue the fix. Armis said it is still not aware of a Linux fix, but it expects it to be released soon.