A new Malware attack is spreading in the world, a Malware called "BlueBorne" is affecting billions of devices. The combination of eight different vulnerabilities is affecting Android, iOS, IoT devices, Windows, and Linux.
According to the research firm Armis, "BlueBorne allows attackers to take control of devices, access corporate data and networks, penetrate secure “air-gapped” networks, and spread malware laterally to adjacent devices.
Armis reported these vulnerabilities to the responsible actors, and is working with them as patches are being identified and released."
Apart from other Malware, the BlueBorne will infect the device and it doesn't need to pair with your device. Pairing is important to use Bluetooth. And few of the devices have a code to connect with your device and some of them get pair automatically if it is in the range.
But if you are not paired then you can't exchange the data with a Bluetooth device. The main problem is, even after Bluetooth devices have paired to one product, they continue sending out signals to locate other devices in the area.
BlueBorne Vulnerability Scanner Checks if Your Device is Vulnerable
The research Armis added the BlueBorne hacker doesn't need any interaction. BlueBorn is suited to all the Software versions and doesn't need any configuration or condition. Unlike the common misconception, Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with.
Which means a connectivity of Bluetooth can be done without pairing the device. As BlueBorn doesn't need pairing, it is one of the biggest capable attacks found in the recent years. This allows the hacker to strike completely undetected.
The researchers have informed Microsoft, Google, Linux, and Apple about the new 'BlueBorne' attack, and some of these companies have even rolled out patches for it.
Particularly, BlueBorne is very dangerous as it does not require any file to download or a URL link to Open or the to be on the Internet and to be infected by Malware. BlueBorne is spread by Bluetooth, the hacker can easily connect to any device and control it then spread Malware. All of this happens without notifying the user.
The most dangerous thing about BlueBorne is it spreads Malware to all the devices. No matter it's a smartphone, tablet, wearable, laptops, PCs or other connected devices running on Linux, Windows, Android, or iOS. For example, if your device is infected, then you will infect others device by just passing them and no one will realize that this Malware has come.
At present, all the Windows devices are running Vista or later all Linux devices running BlueZ or Tizen 3.3-rc1, all Android devices, and all versions of iOS running iOS 9.x or earlier are affected. iOS 10 will not be affected and the later devices of Apple also will not. Google has got a solution but only for Nougat and Marshmallow.
You can even watch the video of it made by Armis.
How Does BlueBorne Works?
BlueBorne works by detecting active Bluetooth devices even it is not in "Discover" mode. It obtains the MAC address of the target device. Then it investigates it to determine what OS is running and adjusts its attack. It can create a man-in-the-middle attack or even take control of the device to further self-distribute to other Bluetooth hardware.
If you use Bluetooth then watch for a solution for these issues. For Windows users, it is a good reason to patch your OS.
So guys take care of your devices.
Stay tuned to us for more updates.