Bluetooth Vulnerability Affects All Major OS

https://hackaday.com/2017/09/14/bluetooth-vulnerability-affects-all-major-os/

Turn off your Bluetooth! I checked that mine was turned off after reading this:

Security researchers from Armis Labs recently published a whitepaper unveiling eight critical 0-day Bluetooth-related vulnerabilities, affecting Linux, Windows, Android and iOS operating systems. These vulnerabilities alone or combined can lead to privileged code execution on a target device. The only requirement is: Bluetooth turned on. No user interaction is necessary to successfully exploit the flaws.

13 Comments

  1. Tomi Engdahl says:

    Billions of Bluetooth devices could get hit by this attack
    https://www.cnet.com/news/bluetooth-devices-vulnerable-to-hack-blueborne-armis-labs/

    More than 5 billion devices are vulnerable to a “highly infectious” malware attack. Go ahead, blame the internet of things.

    More than 5.3 billion devices with Bluetooth signals are at risk of a malware attack newly identified by an internet of things security company.

    If you’re not keeping count, that’s most of the estimated 8.2 billion devices that use Bluetooth, which allows for our gadgets to connect and communicate wirelessly. Nearly every connected device out there has Bluetooth capability. Your phones, laptops, speakers, car entertainment systems — the list goes on and on to even the most mundane gadgets.

    With BlueBorne, all hackers need to spread malware is for their victims’ devices to have Bluetooth turned on, said Nadir Izrael, Armis’ chief technology officer.

    And once one device has been infected, the malware can spread to other devices nearby with the Bluetooth turned on. By scattering over the airwaves, BlueBorne is “highly infectious,” Armis Labs said.

    “We’ve run through scenarios where you can walk into a bank and it basically starts spreading around everything,” Izrael said.

    The attack echoes the way the WannaCry ransomware spread earlier this year.

    Of the 2 billion devices using Android, about 180 million are running on versions that will not be patched, according to Armis.

    Of the potentially impacted devices, Armis Labs estimated that 40 percent are not going to be patched. That’s more than 2 billion devices that will be left vulnerable to attacks, they warned.

    Reply
  2. Tomi Engdahl says:

    Armis – BlueBorne Explained
    https://www.youtube.com/watch?time_continue=95&v=LLNtZKpL0P8

    Armis Labs has identified a new attack vector called “BlueBorne.” For more information, please visit https://armis.com/blueborne/

    Reply
  3. Tomi Engdahl says:

    BlueBorne – Linux Smartwatch Take Over Demo
    https://www.youtube.com/watch?v=U7mWeKhd_-A

    Blueborne – Android Take Over Demo
    https://www.youtube.com/watch?v=Az-l90RCns8

    Reply
  4. Tomi Engdahl says:

    BlueBorne White Paper
    http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf

    The dangers of Bluetooth implementations:

    Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks.

    Reply
  5. Tomi Engdahl says:

    Interesting idea, try at your own risk:

    Have You Ever Wanted to See the Bluetooth Signals Around You?
    https://blog.hackster.io/have-you-ever-wanted-to-see-the-bluetooth-signals-around-you-72d7e474cdc6

    Maker Toglefritz has come up with a unique and beautiful way to illustrate those Bluetooth signals. The technique pairs an Android app with long exposure photography. Once your phone is paired with the Bluetooth device you want to test the signal of, it will change color as the strength of the signal changes. Taking a long exposure photo (in the dark) while running the app lets you see how the signal changes as you move about the room.

    Visualize Bluetooth in a Long Exposure Photo
    http://www.instructables.com/id/Visualize-Bluetooth-in-a-Long-Exposure-Photo/

    Reply
  7. Tomi Engdahl says:

    EXPERT SAYS RISK OF BLUETOOTH ‘BLUEBORNE’ ATTACKS ACROSS MULTIPLE DEVICES OVERBLOWN
    Security firm says ‘BlueBorne’ is only a risk if your device isn’t updated
    https://www.google.fi/amp/s/www.digitaltrends.com/computing/bluetooth-vulnerabilities-blueborne-microsoft-google/amp/

    Reply
  8. Tomi Engdahl says:

    https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/

    In all, BlueBorne consists of eight related vulnerabilities, three of which are classified as critical. The vulnerabilities were found in the Bluetooth implementations in Android, Microsoft, Linux and iOS. They include:

    * Linux kernel RCE vulnerability – CVE-2017-1000251
    * Linux Bluetooth stack (BlueZ) information leak vulnerability – CVE-2017-1000250
    * Android information leak vulnerability – CVE-2017-0785
    * Android RCE vulnerabilities – CVE-2017-0781 & CVE-2017-0782
    * The Bluetooth Pineapple in Android – Logical Flaw CVE-2017-0783
    * The Bluetooth Pineapple in Windows – Logical Flaw CVE-2017-8628
    * Apple Low Energy Audio Protocol RCE vulnerability – CVE Pending

    An attack scenario includes an adversary identifying Bluetooth devices nearby and using common tools to identify the MAC address of vulnerable Bluetooth devices.

    “By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly

    Reply
  9. Tomi Engdahl says:

    BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices
    https://www.bleepingcomputer.com/news/security/blueborne-vulnerabilities-impact-over-5-billion-bluetooth-enabled-devices/

    BlueBorne affects all Bluetooth enabled devices

    They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars.

    Furthermore, the vulnerabilities can be concocted into a self-spreading Bluetooth worm that could wreak havoc inside a company’s network or even across the world.

    Not all devices will receive patches

    Armis reported the vulnerabilities to major hardware and software vendors, such as Apple, Google, Microsoft, and the Linux community. Some patches are being developed and will be released today and in the coming days and weeks.

    Nonetheless, some devices will never receive a BlueBorne patch as the devices have reached End-Of-Life and are not being supported. Armis estimates this number at around 40% of all Bluetooth-enabled devices, which is over two billion devices.

    BlueBorne vulnerabilities are tracked under the following identifiers: CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, and CVE-2017-0785 for Android devices; CVE-2017-1000251 and CVE-2017-1000250 for Linux; CVE-2017-14315 for iOS, and CVE-2017-8628 on Windows.

    Who is affected

    All Android phones, tablets, and wearables of all versions are affected by the four above mentioned vulnerabilities. Android devices using Bluetooth Low Energy only are not affected. Google patched the flaws in its September Android Security Bulletin.

    Windows versions since Windows Vista are all affected. Microsoft said Windows phones are not impacted by BlueBorne. Microsoft secretly released patches in July for CVE-2017-8628, but only today included details about the fixed vulnerability in September’s Patch Tuesday.

    All Linux devices running BlueZ are affected by an information leak, while all Linux devices from version 3.3-rc1 (released in October 2011) are affected by a remote code execution flaw that can be exploited via Bluetooth. Samsung’s Tizen OS, based on Linux, is also affected.

    All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected, but the issue was patched in iOS 10.

    Reply
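
A triage sketch for the affected-version ranges quoted in the comment above, as an added example that is not code from the post, the commenter or Armis. The status names, the platform labels and the inventory are constructed for illustration, and the Android rule assumes that a security patch level of September 2017 or later carries the fixes.

```python
import re

def _ver(text):
    """Leading dotted-numeric part of a version string as a tuple of ints."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in m.group(0).split("."))

def _at_most(version, limit):
    v, lim = _ver(version), _ver(limit)
    width = max(len(v), len(lim))      # pad the shorter tuple with zeros
    return v + (0,) * (width - len(v)) <= lim + (0,) * (width - len(lim))

def triage(platform, version, bluetooth_on=True):
    """Classify one device against the ranges quoted in the comment above."""
    if not bluetooth_on:
        return "not-exposed"           # the flaws need Bluetooth turned on
    p = platform.lower()
    if p == "ios":                     # iOS 9.3.5 and lower
        return "affected" if _at_most(version, "9.3.5") else "fixed"
    if p == "appletv":                 # AppleTV 7.2.2 and lower
        return "affected" if _at_most(version, "7.2.2") else "fixed"
    if p == "android":                 # version = security patch level, YYYY-MM-DD
        year, month = (int(x) for x in version.split("-")[:2])
        # Assumption: a September 2017 or later patch level carries the fixes.
        return "fixed" if (year, month) >= (2017, 9) else "affected"
    if p == "linux":                   # kernel RCE from 3.3-rc1 onward
        # No fixed kernel version is given on the page, so check the vendor
        # changelog; the BlueZ information leak is a separate userland issue.
        return "check-vendor-patch" if _ver(version)[:2] >= (3, 3) else "rce-not-applicable"
    raise ValueError(f"no range on the page for platform {platform!r}")

# Constructed inventory: (host, platform, version, bluetooth_on).
INVENTORY = [
    ("kiosk-01", "linux", "4.4.0-93-generic", True),
    ("legacy-gw", "linux", "2.6.32-5-686", True),
    ("phone-a", "android", "2017-08-05", True),
    ("phone-b", "android", "2017-09-01", True),
    ("ipad-lobby", "ios", "9.3.5", True),
    ("tv-room2", "appletv", "7.2.2", False),
]

def needs_action(inventory=INVENTORY):
    """Hosts that are affected or need a vendor patch check, with status."""
    statuses = {host: triage(plat, ver, bt) for host, plat, ver, bt in inventory}
    return {h: s for h, s in statuses.items() if s in ("affected", "check-vendor-patch")}
```
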
  10. Tomi Engdahl says:

    Hey, Turn Bluetooth Off When You’re Not Using It
    https://www.wired.com/story/turn-off-bluetooth-security/

    But in addition to endangering core devices such as smartphones and PCs, BlueBorne has implications for the billions of Bluetooth-equipped internet of things devices in the world including smart TVs, speakers, and even smart lightbulbs. Many of these devices are built on Linux and don’t have a mechanism for distributing updates. Or even if they do, they rarely receive them in practice. Linux is working on but hasn’t yet issued a BlueBorne patch.

    When Bluetooth is on in a device, it is constantly open to and waiting for potential connections. So a BlueBorne attack starts by going through the process Webroot’s Dufour describes—scanning for devices that have Bluetooth on and probing them for information such as device type and operating system to see if they have the relevant vulnerabilities.

    Reply
  11. Tomi Engdahl says:

    Check if your Bluetooth device is at risk

    Armis Labs revealed last week that Bluetooth wrangling potentially threatened up to 8 billion smartphones, tablets, computers, and IoT devices. The company has set up a mobile app that can check the vulnerability of your device.

    According to Armis Labs, there have been a number of zero-day attacks that prove the functionality of the BlueBorne vector. The hijack allows the hijacker to run remote code on the device and make a so-called Man-in-the-Middle attack.

    The vulnerability of your Android device can be checked by Armis Labs with BlueBorne Vulnerability Scanner, which runs on Google Play.

    Source: http://www.etn.fi/index.php/13-news/6851-tarkista-onko-bluetooth-laitteesi-vaarassa

    Reply
  12. Tomi Engdahl says:

    BlueBorne Vulnerability Scanner by Armis
    https://play.google.com/store/apps/details?id=com.armis.blueborne_detector

    Check to see if your device – or those around you – is vulnerable to BlueBorne.

    Armis discovered BlueBorne, a new attack vector, endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.

    It includes 8 zero-day vulnerabilities, 4 of them critical. With BlueBorne, a hacker can take over your device or set up a man-in-the-middle attack. It leverages the most serious exploit in Bluetooth to date, and spreads through the air (airborne). You don’t need to pair with the attacking device. Your Bluetooth just needs to be on.

    Key points about BlueBorne:
    - Penetrates secure “air-gapped” networks
    - Spreads laterally to adjacent devices
    - Impacts devices from Samsung, Google, Windows, Apple and more
    - Microsoft, Android, Linux, and iOS are issuing updates

    Reply
