The IoT Security Company, Armis, has released information about an airborne attack which can be used to take over Bluetooth devices without the permission of the device owner. The mode of operation of this attack is invisible and swift, causing damage in as little time as 10 seconds.
Armis have named this attack the BlueBorne vector attack and has issued technical explanations about it. The report revealed that few devices are protected from the vector, since it is airborne and needs no pairing or acceptance for the hacker to do damage. It moves swiftly among connected devices and then takes control of the devices.
Wireless #BlueBorne attacks target billions of #Bluetooth devices – https://t.co/0pKmz8GRUs pic.twitter.com/4xZZ9a2Nau
— Threatpost (@threatpost) September 12, 2017
This vector is endangering to major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and any device using them, which is about 5.3 Billion globally. Attackers take control of devices, accessing corporate data and networks. It can also lead to a breach of information for government and corporate bodies.
Turn off #Bluetooth on all #Android and #Windows devices until the #Blueborne exploit is patched. $crypto wallets potentially vulnerable.
— notsofast (@notsofast) September 12, 2017
Techcrunch reports that the vector operates in three major steps. First, it searches for a device to hack, and can also find devices which are not in discovery mode; forcing the device to give up information about itself. Next step is a set of code executions which allows full control of the device. Finally, after the hacker has access, they are able to employ a ‘Man-in-The-Middle’ attack, streaming data from the device, and causing other cyber criminal activities.
Re: #BlueBorne, how many devices are unpatchable? https://t.co/0pKmz8GRUs pic.twitter.com/3sLjaUYKf7
— Threatpost (@threatpost) September 13, 2017
The BlueBorne vector attack can be used to conduct many offences including remote code execution and Man-in-The-Middle attacks. It seeks for the weakest spot in the network’s defence and spreads from device to device.
There are many cyber dangers and one needs to employ safety measure to protect devices. This is a new threat, and it is obvious that solutions are needed to reduce these vulnerabilities, but one way to protect one’s device is by keeping all devices updated regularly and avoid old IoT devices.
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!