BlueBorne is an airborne computer virus that could blow your connected devices wide open
Computer viruses have finally become airborne with the discovery of BlueBorne – a Bluetooth-highjacking infection. Don’t think this is limited to just your mobile either, BlueBorne can jump between mobile, desktop and IoT systems – mixing happily with Android, iOS, Windows and Linux.
Discovered by Armis Labs, an IoT security and consultancy company from Palo Alto in California, BlueBorne allows attackers to take control of the devices it infects. It aims to access corporate data and networks, break through “air-gapped” networks and act as a seed in the spreading of malware to other connected devices.
BlueBorne can jump between devices via your Bluetooth connection and, most alarmingly of all, doesn’t need to be paired to your phone to work. In fact, the only safe way to avoid infection is to turn your Bluetooth completely off as it can still infect devices with discoverable mode turned off.
As it is, BlueBorne may not be able to cause too much damage to your devices but Armis has also discovered eight zero-day vulnerabilities that could be leveraged to hijack your device. So far these zero-day holes have been cracked wide open as part of lab testing, the company also believes many more vulnerabilities are out there for it to exploit.
If you want to go deeper into what BlueBorne is capable of, Armis Labs has put together a white paper on the virus. If that seems a little too much of a deep-dive, there’s also a YouTube video you can watch to get a more general overview.
BlueBorne: What’s the risk?
According to Armis Labs, BlueBorne has the potential to cause “devastating effect” on your device or corporate networks if it wriggles its way in. It starts by targeting the weakest spot in a network’s defence and then spreads from device to device over the air. It can make the jump so easily because Bluetooth protocols have high priority in most operating systems, allowing the malware to latch on and work its way through your system by acting as a Bluetooth connected device.
BlueBorne can take control of your inputs, access your folders and really do anything it likes to an infected device. Armis believes that BlueBorne surpasses the capabilities of most attacks due to its ability to jump over into networks that are completely disconnected from the internet.
Basically, it’s a hacker’s dream.
BlueBorne: What’s being done?
Understandably, you want to know what’s going on in terms of trying to stop the spread of BlueBorne around the world. Currently, there are around 8.2 billion Bluetooth-enabled devices in the world today, meaning 8.2 billion potential access points for BlueBorne. These devices range from dumb speakers and small IoT devices through to phones and computers and even up to medical devices. That’s why Armis has been working with the world’s biggest tech firms to help clamp down on BlueBorne.
Google, Microsoft, Apple, Samsung and Linux have all been contacted. Apple claimed that, as of 9 August, it had no vulnerabilities in its current software. Google and Microsoft both worked to release a software update ahead of going public with the BlueBorne announcement on the 12 September. Linux should currently be rolling out an update for BlueBorne soon, but Samsung didn’t even opt to reply to concerns meaning that – while its Android-powered devices are secured thanks to Google, it’s others may not be.
BlueBorne: Which devices are vulnerable?
Despite the security updates being rolled out, BlueBorne is still a threat due to how careless many users are with their device updates.
Despite Apple claiming that there were no vulnerabilities in any of its software, all iOS devices running iOS 9.3.5 or lower, along with Apple TV devices older than version 7.2.2 are all vulnerable to BlueBorne. You can solve this by simply updating to iOS 10, or the newest tvOS as both are protected.
All versions of Windows from Vista onwards are vulnerable to BlueBorne and thus require Microsoft’s latest patch release – which should have gone live on 12 September. You can check its status here.
Linux updates are still required, meaning any Tizen OS-powered device – such as the Samsung Gear S3 or its range of Smart TVs – are vulnerable. Alongside that, any Linux device running BlueZ or version 3.3-rc1 are affected.
For Android users, the problem is a little more prevalent. All Android devices, besides those using Bluetooth Low Energy, are affected by BlueBorne – albeit in different ways. Google is issuing a security patch for Android 7 Nougat and Android 6 Marshmallow and is currently notifying manufacturers to push the update out ASAP. If your phone was last updated after 9 September, you should now be protected.