Armis Labs has revealed a new attack vector that places billions of devices at risk and is completely platform agnostic. Virtually every device with Bluetooth enabled is exploitable via BlueBorne regardless of operating system – Mac OS, iOS (only devices running iOS 9.3.5 and lower are affected), Android, Linux and Windows are all affected.
So what is BlueBorne? BlueBorne allows an attacker to gain control of your desktop, laptop, mobile or IoT device over the air via your Bluetooth connection. BlueBorne does not require your device to be paired with your attackers device. Basically, the attacker scans active Bluetooth connections around them (which can be identified even if not set to “discoverable”). Then the attacker obtains your MAC address. The attacker can then determine which operating system is in use, and adjust the exploit accordingly. The attacker will then exploit a vulnerability in the implementation of the Bluetooth protocol in that operating system and gain the access required to control the device. At this stage the attacker can choose to create a Man-in-The-Middle attack and control the device’s communication, or take full control over the device. With over eight BILLION Bluetooth capable devices active today, the BlueBorne threat has incredible potential.
BlueBorne does not require your device to be paired with your attackers device. BlueBorne is spread “over the air”.
So how can you protect your devices from BlueBorne? Currently, the only way to protect your devices is to completely disable Bluetooth. Antivirus, MDM and firewalls cannot currently protect you as they are not designed to handle this type of threat. Though it should be noted… Apple users running iOS 10 or better are no longer vulnerable as Apple mitigated the threat in iOS 10 and iOS 11 is right around the corner. Unfortunately due to how fragmented the Android operating system is, Android users of varying flavors may remain at risk for quite some time.
Currently, the only way to protect your devices is to completely disable Bluetooth.
Armis Labs has an impressive technical overview of BlueBorne live on their site, here, which goes far more in depth – it’s definitely worth reading!