Internet of Things (IoT) security firm Armis, has discovered a flaw called by the name BlueBorne in Bluetooth.These critical vulnerabilities enable hackers to carry out remote attacks on Android, iOS, Linux and Windows devices using Bluetooth connections.
Internet of Things (IoT) security firm Armis, has discovered a flaw called by the name BlueBorne in Bluetooth.These critical vulnerabilities enable hackers to carry out remote attacks on Android, iOS, Linux and Windows devices using Bluetooth connections.According to researchers, the flaw 'BlueBorne' can successfully carry out attacks without any user interaction. Any device with Bluetooth enabled can be infected without the need of external malicious links or compromised websites. Eight zero-day vulnerabilities have been exposed and more set to follow putting over 5 million devices at risk.
Blueborne affects computers, mobile phones, and other IoT devices. The devices are not required to be paired or set to discoverable mode. The only requirement for the attacker is to remain in the range of the Bluetooth device, i.e., 32 feet or closer. The hackers can then leverage Bluetooth connections to penetrate and take complete control of the targeted devices.
'BlueBorne' is similar to 'Broadcom' Wifi attack discovered in April 2017 which allowed attackers to attack iPhone and Android devices remotely.
Microsoft released security updates in July to counter the vulnerabilities. Windows users have to ensure that their devices are up to date to receive the security patches. Once updated, the users are automatically protected. According to a Microsoft spokesperson, the disclosure of the same was withheld to allow other vendors to develop and release updates.
Google released a security patch a month back to secure users using Android devices. However, the availability of the patches depends on the manufacturers. Apple devices running iOS 10 are safe from these attacks. Linux is expected to release a patch soon.
Users are advised to limit using Bluetooth devices in public, enable automatic updates and install patches as they arrive. Though these attacks cannot be carried by an average hacker, your security is of prime importance. Better Safe than Sorry.