Billions Of Devices At Risk From Bluetooth Flaws — Blueborne Attacks

Billions Of Devices At Risk From Bluetooth Flaws — Blueborne Attacks

It could also change data in transit.

The eight vulnerabilities include a Linux kernel RCE vulnerability (CVE-2017-1000251), Linux Bluetooth stack (BlueZ) information Leak vulnerability (CVE-2017-1000250), Android information Leak vulnerability (CVE-2017-0785), Android Remote Code Execution vulnerabilities (CVE-2017-0781 and CVE-2017-0782), The Bluetooth Pineapple in Android - Logical Flaw (CVE-2017-0783) and Bluetooth Pineapple in Windows - Logical Flaw (CVE-2017-8628).

Based on a proof-of-concept, the security gaps - which have been dubbed "BlueBorne" - could be used by hackers to spread malware or intercept data. It can spread through the air (airborne) and attacks devices via Bluetooth.

"No security mechanism is there to block incoming Bluetooth connections, so an attacker can bypass all of them completely", says Ben Seri, head of research at Armis Security, the two-year-old cybersecurity startup that found the security holes.

Even when the Bluetooth feature is left in a non-discoverable state, devices running vulnerable implementations can be found with network sniffers, the researchers said. "This vulnerability resides in the Bluetooth Network Encapsulation Protocol (BNEP) service, which enables internet sharing over a Bluetooth connection (tethering)".

Microsoft patched the vulnerabilities in July during the company's regularly scheduled Patch Tuesday. Microsoft said Windows phones are not impacted by BlueBorne. The tech giant's Android ecosystem is fragmented across a wide variety of partners, such as phone manufacturers and mobile carriers, who are responsible for distributing patches developed by Google. Microsoft is expected to release patches later today. It's also highly infectious and can spread malware to nearby devices.

Linux has a problem in memory allocation in Bluetooth that can allow attackers to take over systems.

There are two specific methods attackers could use with exploit code.

Blueborne poses a significant risk to both individuals and organizations.

More news: Britain Pledges to Lend Military Might to EU After Brexit

Armis researchers haven't confirmed that code execution is possible against Windows' unpatched Bluetooth implementation, but they were able to carry out other attacks.

They claim it potentially affects over 8 billion devices although that sounds like a bit of hyperbole given most of the installed base of iOS users, for example, are running a version of iOS that is not vulnerable. The researchers consider three of the flaws to be critical.

Armis disclosed the flaws in April to Apple, Google, Linux maintainers, and Microsoft. The vulnerabilities for Android are indexed as CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, and CVE-2017-0785; the vulnerabilities for Linux are CVE-2017-1000251 and CVE-2017-1000250; the vulnerability for Windows is CVE-2017-8628; the designation for iOS vulnerability wasn't immediately available. According to Armis Labs, BlueBorne can easily affect PCs and mobile phones since there is no need to pair the device with the targeted device.

The researchers said they expect Linux, which is an open source project managed by a community of volunteers, to release a fix soon. They, too, allowed attacks that were transmitted wirelessly from device to device with no user interaction.

More information on the attack can be found below.

"The learning curve to scan for Bluetooth devices isn't that much greater than scanning for Wi-Fi access points". Such self-replicating exploits could quickly take over huge numbers of devices at conferences, sporting events, or in work places. All that is needed is to turn Bluetooth on. The vulnerabilities reported by Armis now reinforce the wisdom of that advice.

Izrael confirmed that BlueBorne exploits would have to be customized for each platform but said the amount of work required to do so would be manageable.

A video posted by Armis demonstrates how a Google Pixel can be compromised.

Related Articles

  • US updates self-driving car guidelines to help development and maintain safety

    US updates self-driving car guidelines to help development and maintain safety

    Chao said the federal guidelines will be updated again next year. "They are not meant to (be)", Chao said. House of Representatives signed off on a proposal to prevent states from banning autonomous cars.
    Liam Neeson Finally Ready to Quit Action Movies

    Liam Neeson Finally Ready to Quit Action Movies

    He plays the high-ranking Federal Bureau of Investigation official who was the Washington Post's "Deep Throat" source in the scandal.
    Supreme Court Allows Trump Administration To Block Refugees With Resettlement Agency Assurances

    Supreme Court Allows Trump Administration To Block Refugees With Resettlement Agency Assurances

    Now, the full Supreme Court will have time to consider the merits of the Trump administration's emergency request. Time is beginning to become a factor in the broader fight over Trump's travel ban.
  • Atletico Madrid: Diego Costa Wrap Up Deal

    Atletico Madrid: Diego Costa Wrap Up Deal

    Talksport understands that Atletico Madrid are hopeful of agreeing a £54m deal for Chelsea striker Diego Costa this week. The striker has made 120 appearances for the Stamford Bridge club since joining in 2014, scoring 58 goals along the way.

    Kim Jong Un hosts party for nuclear experts

    Russian Federation had condemned the idea of tightening sanctions on North Korea without any political push to resolve the crisis. And then China's ambassador at the time was on a Security Council trip to Africa, so he had to rush back to negotiate this.
    DOJ won't bring charges against officers in Freddie Gray case

    DOJ won't bring charges against officers in Freddie Gray case

    Disciplinary trials are scheduled for several Baltimore City Police officers who had been charged in the death of Freddie Gray . Billy Murphy, attorney for Gray's family, said the Justice Department informed him on Tuesday that no charges will be filed.
  • Apocalyptic scenes in storm ravaged Florida Keys

    Apocalyptic scenes in storm ravaged Florida Keys

    In Bonita Springs, on Florida's hard-hit southwest coast, large areas were flooded and the entire city was without power. The city was again spared from a direct hit by a hurricane, as has been its good fortune for more than 90 years running.
    North Korea threatens United States  over new sanctions

    North Korea threatens United States over new sanctions

    The proposal included a ban on oil and textile exports to North Korea and prohibited North Korean citizens from working overseas . It also allows states to inspect vessels on the high seas suspected of carrying items prohibited by the sanctions regime.
    Remember When Trump Talked About His Building's Height on 9/11?

    Remember When Trump Talked About His Building's Height on 9/11?

    In the years that followed, Trump's views on terrorism hardened and his claims about 9/11 grew more outlandish and untrue. Trump also said he lost "hundreds of friends" and that he helped clear rubble after the attacks .
  • Bakersfield PG&E crews aiding Florida crews with power outages

    Bakersfield PG&E crews aiding Florida crews with power outages

    This deployment will be different, as much of the restoration effort will require total rebuilding of power grid systems. "Irma proved to be a powerful and deadly storm", said Jeff Rogers, Gulf Power spokesperson.
    United Nations  imposes new sanctions on North Korea, Pyongyang warns U.S.  of consequences

    United Nations imposes new sanctions on North Korea, Pyongyang warns U.S. of consequences

    Existing North Korean account holders could not deposit or remove money from their accounts, the BoC bank teller said. Secretary-General Antonio Guterres try to resolve the dispute "gives rise to very serious questions in our minds".
    Iraqi province rejects Kurdish independence referendum in its territories

    Iraqi province rejects Kurdish independence referendum in its territories

    Majid Shingali, a Kurdish lawmaker, said the vote was not binding and will not be accepted by the 111 member regional legislature. The Iraqi House of Representatives on Tuesday voted to reject a poll on Kurdish regional independence.