A massive Bluetooth Vulnerability can hack almost All devices

[full_width]

Researchers at the cyber security firm Armis are claiming to have discovered a series of vulnerabilities that allow them to silently hack devices over Bluetooth.

More than 5.3 billion devices with Bluetooth signals are at risk of a malware attack newly identified by an internet of things security company.

Because those devices can connect to others effortlessly, Bluetooth has left an open attack point for hackers, according to researchers at Armis Labs.

In a lot of cases, malware depends on people clicking on a link they shouldn't have, or downloading a virus in disguise. With BlueBorne, all hackers need to spread malware is for their victims' devices to have Bluetooth turned on, said Nadir Izrael, Armis' chief technology officer.The attack does not require the targeted device to be paired to the attacker’s device or even to be set on discoverable mode. Armis Labs has identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. Armis believes many more vulnerabilities await discovery in the various platforms using Bluetooth. These vulnerabilities are fully operational and can be successfully exploited, as demonstrated in our research. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as man-in-the-middle attacks.



What Is BlueBorne?
BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device or even to be set on discoverable mode. Armis Labs has identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. Armis believes many more vulnerabilities await discovery in the various platforms using Bluetooth. These vulnerabilities are fully operational and can be successfully exploited, as demonstrated in our research. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as man-in-the-middle attacks.

And once one device has been infected, the malware can spread to other devices nearby with the Bluetooth turned on. By scattering over the airwaves, BlueBorne is "highly infectious," Armis Labs said.

Ben Seri, one of Armis' researchers, used the vulnerabilities to connect to the Pixel without any input from the device. "Because you can use Bluetooth to connect a mouse or keyboard to an Android device, now I can run it," Seri explained. Seri was able to turn the device on remotely, take photos, and export them back to his computer — but his cursor wandered the Pixel's screen to issue commands, which would be a giveaway to the phone's owner if they were watching their screen.



BlueBorne has ability to spread, virus-like, from one infected device to the next

How to prevent BlueBorne
It's a good idea to keep Bluetooth turned off on your device when you're not using it and wait till you get a patch for your device.

Google's Android, however, is spread across so much hardware that the onus to update falls on third-party manufacturers, who might not patch out the vulnerability in time.
Google has issued a patch and notified its partners. It will be available for:

Nougat (7.0)
Marshmallow (6.0)

Google said
"We have released security updates for these issues, and will continue working with other affected platforms across the industry to develop protections that help keep users safe,"


Affected Devices

Windows
All Windows computers since Windows Vista are affected by the “Bluetooth Pineapple” vulnerability which allows an attacker to perform a Man-in-The-Middle attack (CVE-2017-8628).

Microsoft is issuing security patches to all supported Windows versions at 10 AM, Tuesday, September 12. We recommend that Windows users should check with the Microsoft release here for the latest information.

Linux
Linux is the underlying operating system for a wide range of devices. The most commercial, and consumer-oriented platform based on Linux is the Tizen OS.

All Linux devices running BlueZ are affected by the information leak vulnerability (CVE-2017-1000250).
All Linux devices from version 3.3-rc1 (released in October 2011) are affected by the remote code execution vulnerability (CVE-2017-1000251).
Examples of impacted devices:

Samsung Gear S3 (Smartwatch)
Samsung Smart TVs
Samsung Family Hub (Smart refrigerator)
Information on Linux updates will be provided as soon as they are live.

iOS
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected by the remote code execution vulnerability. This vulnerability was already mitigated by Apple in iOS 10, so no new patch is needed to mitigate it. We recommend you upgrade to the latest iOS or tvOS available.

If you are concerned that your device may not be patched, we recommend disabling Bluetooth, and minimizing its use until you can confirm a patch is issued and installed on your device.



White paper (PDF) explaining BlueBorne in detail.
A massive Bluetooth Vulnerability can hack almost All devices A massive Bluetooth Vulnerability can hack almost All devices Reviewed by Haxbaba Tech on 03:40 Rating: 5

No comments:

Powered by Blogger.