https://hackaday.com/2017/09/14/bluetooth-vulnerability-affects-all-major-os/
Turn off your Bluetooth! I checked that mine was turned off after reading this:
Security researchers from Armis Labs recently published a whitepaper unveiling eight critical 0-day Bluetooth-related vulnerabilities, affecting Linux, Windows, Android and iOS operating systems. These vulnerabilities alone or combined can lead to privileged code execution on a target device. The only requirement is: Bluetooth turned on. No user interaction is necessary to successfully exploit the flaws.
13 Comments
Tomi Engdahl says:
Billions of Bluetooth devices could get hit by this attack
https://www.cnet.com/news/bluetooth-devices-vulnerable-to-hack-blueborne-armis-labs/
More than 5 billion devices are vulnerable to a “highly infectious” malware attack. Go ahead, blame the internet of things.
More than 5.3 billion devices with Bluetooth signals are at risk of a malware attack newly identified by an internet of things security company.
If you’re not keeping count, that’s most of the estimated 8.2 billion devices that use Bluetooth, which allows for our gadgets to connect and communicate wirelessly. Nearly every connected device out there has Bluetooth capability. Your phones, laptops, speakers, car entertainment systems — the list goes on and on to even the most mundane gadgets.
With BlueBorne, all hackers need to spread malware is for their victims’ devices to have Bluetooth turned on, said Nadir Izrael, Armis’ chief technology officer.
And once one device has been infected, the malware can spread to other devices nearby with the Bluetooth turned on. By scattering over the airwaves, BlueBorne is “highly infectious,” Armis Labs said.
“We’ve run through scenarios where you can walk into a bank and it basically starts spreading around everything,” Izrael said.
The attack echoes the way the WannaCry ransomware spread earlier this year.
Of the 2 billion devices using Android, about 180 million are running on versions that will not be patched, according to Armis.
Of the potentially impacted devices, Armis Labs estimated that 40 percent are not going to be patched. That’s more than 2 billion devices that will be left vulnerable to attacks, they warned.
Tomi Engdahl says:
Armis – BlueBorne Explained
https://www.youtube.com/watch?time_continue=95&v=LLNtZKpL0P8
Armis labs has identified a new attack vector called “BlueBorne.” For more information, please visit https://armis.com/blueborne/
Tomi Engdahl says:
BlueBorne – Linux Smartwatch Take Over Demo
https://www.youtube.com/watch?v=U7mWeKhd_-A
Blueborne – Android Take Over Demo
https://www.youtube.com/watch?v=Az-l90RCns8
Tomi Engdahl says:
BlueBorne White Paper
http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf
The dangers of Bluetooth implementations:
Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks.
Tomi Engdahl says:
Interesting idea, try at your own risl;
Have You Ever Wanted to See the Bluetooth Signals Around You?
https://blog.hackster.io/have-you-ever-wanted-to-see-the-bluetooth-signals-around-you-72d7e474cdc6
maker Toglefritz has come up with a unique and beautiful way to illustrate those Bluetooth signals. The technique pairs an Android app with long exposure photography. Once your phone is paired with the Bluetooth device you want to test the signal of, it will change color as the strength of the signal changes. Taking a long exposure photo (in the dark) while running the app lets you see how the signal changes as you move about the room.
Visualize Bluetooth in a Long Exposure Photo
http://www.instructables.com/id/Visualize-Bluetooth-in-a-Long-Exposure-Photo/
Tomi Engdahl says:
Interesting idea, try at your own risl;
Have You Ever Wanted to See the Bluetooth Signals Around You?
https://blog.hackster.io/have-you-ever-wanted-to-see-the-bluetooth-signals-around-you-72d7e474cdc6
maker Toglefritz has come up with a unique and beautiful way to illustrate those Bluetooth signals. The technique pairs an Android app with long exposure photography. Once your phone is paired with the Bluetooth device you want to test the signal of, it will change color as the strength of the signal changes. Taking a long exposure photo (in the dark) while running the app lets you see how the signal changes as you move about the room.
Visualize Bluetooth in a Long Exposure Photo
http://www.instructables.com/id/Visualize-Bluetooth-in-a-Long-Exposure-Photo/
Tomi Engdahl says:
https://www.google.fi/amp/s/www.theverge.com/platform/amp/2017/9/12/16294904/bluetooth-hack-exploit-android-linux-blueborne
Tomi Engdahl says:
EXPERT SAYS RISK OF BLUETOOTH ‘BLUEBORNE’ ATTACKS ACROSS MULTIPLE DEVICES OVERBLOWN
Security firm says ‘BlueBorne’ is only a risk if your device isn’t updated
https://www.google.fi/amp/s/www.digitaltrends.com/computing/bluetooth-vulnerabilities-blueborne-microsoft-google/amp/
Tomi Engdahl says:
https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/
In all, BlueBorne consists of eight related vulnerabilities, three of which are classified as critical. The vulnerabilities were found in the Bluetooth implementations in Android, Microsoft, Linux and iOS. They include:
*Linux kernel RCE vulnerability – CVE-2017-1000251
*Linux Bluetooth stack (BlueZ) information leak vulnerability – CVE-2017-1000250
*Android information leak vulnerability – CVE-2017-0785
*Android RCE vulnerabilities CVE-2017-0781 & CVE-2017-0782
*The Bluetooth Pineapple in Android – Logical Flaw CVE-2017-0783
*The Bluetooth Pineapple in Windows – Logical Flaw CVE-2017-8628
*Apple Low Energy Audio Protocol RCE vulnerability – CVE Pending
An attack scenario includes an adversary identifying Bluetooth devices nearby and using commonly tools to identify the MAC address of vulnerable Bluetooth devices.
“By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly
Tomi Engdahl says:
BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices
https://www.bleepingcomputer.com/news/security/blueborne-vulnerabilities-impact-over-5-billion-bluetooth-enabled-devices/
BlueBorne affects all Bluetooth enabled devices
They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars.
Furthermore, the vulnerabilities can be concocted into a self-spreading BlueTooth worm that could wreak havoc inside a company’s network or even across the world.
Not all devices will receive patches
Armis reported the vulnerabilities to major hardware and software vendors, such as Apple, Google, Microsoft, and the Linux community. Some patches are being developed and will be released today and in the coming days and weeks.
Nonetheless, some devices will never receive a BlueBorne patch as the devices have reached End-Of-Life and are not being supported. Armis estimates this number at around 40% of all Bluetooth-enabled devices, which is over two billion devices.
BlueBorne vulnerabilities are tracked under the following identifiers: CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, and CVE-2017-0785 for Android devices; CVE-2017-1000251 and CVE-2017-1000250 for Linux; CVE-2017-14315 for iOS, and CVE-2017-8628 on Windows.
Who is affected
All Android phones, tablets, and wearables of all versions are affected by the four above mentioned vulnerabilities. Android devices using Bluetooth Low Energy only are not affected. Google patched the flaws in its September Android Security Bulletin.
Windows versions since Windows Vista are all affected. Microsoft said Windows phones are not impacted by BlueBorne. Microsoft secretly released patches in July for CVE-2017-8628, but only today included details about the fixed vulnerability in September’s Patch Tuesday.
All Linux devices running BlueZ are affected by an information leak, while all Linux devices from version 3.3-rc1 (released in October 2011) are affected by a remote code execution flaw that can be exploited via Bluetooth. Samsung’s Tizen OS, based on Linux, is also affected.
All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected, but the issue was patched in iOS 10.
Tomi Engdahl says:
Hey, Turn Bluetooth Off When You’re Not Using It
https://www.wired.com/story/turn-off-bluetooth-security/
But in addition to endangering core devices such as smartphones and PCs, BlueBorne has implications for the billions of Bluetooth-equipped internet of things devices in the world including smart TVs, speakers, and even smart lightbulbs. Many of these devices are built on Linux and don’t have a mechanism for distributing updates. Or even if they do, they rarely receive them in practice. Linux is working on but hasn’t yet issued a BlueBorne patch.
When Bluetooth is on in a device, it is constantly open to and waiting for potential connections. So a BlueBorne attack starts by going through the process Webroot’s Dufour describes—scanning for devices that have Bluetooth on and probing them for information such as device type and operating system to see if they have the relevant vulnerabilities.
Tomi Engdahl says:
Check if your bluetooth device is at risk
Armis Labs revealed last week that bluetooth wrangling potentially threatened up to 8 billion smartphones, tablets, computers, and IoT devices. The company has set up a mobile app that can check the vulnerability of your device.
According to Armis Labs, there have been a number of zero-day attacks that prove the functionality of the Blueborne vector. The hijack allows the hijacker to run remote code on the device and make a so-called Man-in-the-Middle attack.
The vulnerability of your Android device can be checked by Armis Labs with Blueborne Vulnerability Scnner, which runs on Google Play.
Source: http://www.etn.fi/index.php/13-news/6851-tarkista-onko-bluetooth-laitteesi-vaarassa
Tomi Engdahl says:
BlueBorne Vulnerability Scanner by Armis
https://play.google.com/store/apps/details?id=com.armis.blueborne_detector
Check to see if your device – or those around you – is vulnerable to BlueBorne.
Armis discovered BlueBorne, a new attack vector, endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.
It includes 8 zero-day vulnerabilities, 4 of them critical. With BlueBorne, a hacker can take over your device or set up a man-in-the-middle attack. It leverages the most serious exploit in Bluetooth to date, and spreads through the air (airborne). You don’t need to pair with the attacking device. You Bluetooth just needs to be on.
Key points about BlueBorne:
- Penetrates secure “air-gapped” networks
- Spreads laterally to adjacent devices
- Impacts devices from Samsung, Google, Windows, Apple and more
- Microsoft, Android, Linux, and iOS are issuing updates