Billions of devices impacted by new Bluetooth attack

[Shawn Knight]

Researchers at Armis Labs on Tuesday detailed a new attack vector which they claim can potentially affect all devices with Bluetooth capabilities.

Armis, a firm that focuses on Internet of Things security, is calling it BlueBorne.

The attack vector reportedly allows an attacker to take complete control of a device, access corporate data and networks, infiltrate "secure" air-gapped networks, create large botnets out of IoT devices and more. It's also highly infectious and can spread malware to nearby devices.

Armis says it affects computers running Windows and Linux as well as IoT gadgets and mobile devices powered by Android and iOS.

Bluetooth is one of the most popular wireless communications standards on the block. The technology has found a serious following in recent years with the advent of mobile devices.

In total, nearly 5.3 billion devices are vulnerable.

Perhaps what's most alarming about BlueBorne is the fact that a target device doesn't need to visit a specific website, download an infected file or even pair with another device to become a victim. So long as Bluetooth is enabled, a hacker can gain access and wreak havoc. Worse yet, all of this can be done without a user's knowledge.

Armis also disclosed eight related zero-day vulnerabilities, four of which are considered to be critical in nature.

A list of affected devices can be found on Armis' website.

The company said it has already reached out to major companies including Google, Microsoft, Apple, Samsung and Linux to ensure a coordinated response.

Permalink to story.

https://www.techspot.com/news/70953-billions-devices-impacted-new-bluetooth-attack.html

 

[davislane1]

If your car suddenly tries to veer off the road or into oncoming traffic, make sure to wrap the center console in tinfoil as fast as possible to save your life. It's the only way to prevent Bluetooth murder.

 

[namesrejected]

Aww! Tell us how to use it!

 

[Adhmuz]

So simple solution just turn off Bluetooth on all your devices until it's patched? Easy, I don't use that **** anyways.

 

[Skidmarksdeluxe]

If your car suddenly tries to veer off the road or into oncoming traffic, make sure to wrap the center console in tinfoil as fast as possible to save your life. It's the only way to prevent Bluetooth murder.

Better still is to sell your fancy ride and buy a 90's/80's or earlier model car instead. That will be a 100% guaranteed hackproof solution.

 

[GreenNova343]

So simple solution just turn off Bluetooth on all your devices until it's patched? Easy, I don't use that **** anyways.

Guess that leaves all of those people with the newer smartphones that lack a physical headphone jack completely out of luck. Glad I stuck with my iPhone 6...

 

[maxxcool]

.. click bait ..

Windows is already patched
Macos is already patched
Nexus devices are already patched
all devices shipping with 7.1.xx android all already patched
all IOs devices are already patched

the only people at risk are those with pre-7x android and *****s using hacked OS's they CANT update beauce they are illegal copies.

 

[tonylukac]

The first day I got my new subaru last year the radio got infected by a virus from my phone. I believe the chickfilet app on the phone did this. The radio console would reboot and the virus was gone, then get reinfected from the phone each time. The music wouldn't stop, so it didn't get deep into the car. Removed the app from the phone and just don't use bluetooth in the car. By the way, the firmware source code is available and I may modify it sometime, but I won't give you a ride after that. The automatic trans, which subaru is new at, has some idiosyncracies in its firmware like slow acceleration until a 5 minute warm up passes, so this is enticing to remove. Wild programmers were let loose on it to do their "genius."

 

[Theinsanegamer]

.. click bait ..

Windows is already patched
Macos is already patched
Nexus devices are already patched
all devices shipping with 7.1.xx android all already patched
all IOs devices are already patched

the only people at risk are those with pre-7x android and *****s using hacked OS's they CANT update beauce they are illegal copies.

Annnnd what about all the things those phones CONNECT to? What about all the IoT devices, or cars with bluetooth, or all the android phones that HAVENT got the update yet (most of them)? Android 7 is only 15.8% of the market, and even many of THOSE have yet to be updated (my moto z play has not seen an update, neither has my coworkers samsung S8).

that is a MASSIVE number of devices, and in the case of the android phones, IoT devices, and cars, will most likely never be patched properly. Ford has sold over 2 million F150s with bluetooth in them since 2011 in the US alone. 2 million vulnerable cars, from one manufacturer, in one single segment, in just ONE country.

Far from "click bait".

 

[JamesSWD]

If your car suddenly tries to veer off the road or into oncoming traffic, make sure to wrap the center console in tinfoil as fast as possible to save your life. It's the only way to prevent Bluetooth murder.

Better still is to sell your fancy ride and buy a 90's/80's or earlier model car instead. That will be a 100% guaranteed hackproof solution.

Plus the added benefit of no tracking of your movements, driving habits, and other telemetry reporting being saved and/or sent back to the manufacturer or law enforcement. I really hate today's cars and all their privacy invading tech. Can't even have anonymous sex in the car anymore with any privacy.

 

[davislane1]

Can't even have anonymous sex in the car anymore with any privacy.

Honestly, the invention of carriage suspension ended that several centuries ago.

 

[Joe Blow]

If you want security, go wired. It's that simple.