BlueBorne Bluetooth Attack Puts 5 Billion Devices at Risk

Do yous have a device with Bluetooth capabilities? Nosotros take some potentially bad news.

SecurityWatch Researchers at security firm Armis are alarm users about a new attack vector leveraging Bluetooth that affects about 5.3 billion devices across iOS, Android, Windows, and Linux. The BlueBorne technique, which spreads through the air, could let an assaulter to accept complete control of affected devices, access corporate data and networks, penetrate fifty-fifty "secure" networks, and spread malware.

Worse even so, "the attack does not require the targeted device to be paired to the attacker's device, or fifty-fifty to be fix on discoverable style," the visitor wrote in a blog post. In fact, this attack requires no user interaction at all.

If a user simply has Bluetooth enabled, a hacker would be able connect to their device and spread malware—all without the user'southward knowledge. Armis explained that because it propagates through the air, BlueBorne is "much more unsafe" than the majority of attacks today, which rely on the internet. This unusual attack method also allows hackers to featherbed current security defenses since they don't protect against "airborne threats" of this kind.

"BlueBorne tin serve any malicious objective, such every bit cyber espionage, information theft, ransomware, and even creating big botnets out of IoT devices," Armis said.

Armis has uncovered eight associated nothing-day vulnerabilities, four of which are classified as "critical." The company has reported these flaws to affected companies — including Google, Microsoft, Apple tree, Samsung, and Linux — and is working with them to become patches deployed.

Apple mitigated the flaw in iOS 10, merely all iPhones, iPads, and iPod touch devices with iOS 9.3.v or lower, and Apple TV devices with version 7.ii.2 or lower are at risk. Google, meanwhile, has issued a security update for Android version 7.0 Nougat and 6.0 Marshmallow and notified its partners about it. This threat, however, affects "all Android phones, tablets, and wearables (except those using only Bluetooth Low Energy) of all versions," Armis said.

Microsoft on Tuesday issued security patches to protect supported versions of Windows against this threat. The Linux team is also working to outcome patches.

If you're worried, Armis recommends disabling Blutooth and using information technology as little as possible.

About Angela Moscaritolo

Angela Moscaritolo

Angela Moscaritolo is PCMag's expert on fitness and smart home products. Teaching yoga for nearly 10 years has helped her in evaluating a range of connected wellness products including fitness trackers, center charge per unit monitors, rowers, smart scales, stationary bikes, strength training machines, treadmills, and more. Angela also tests smart domicile devices from her ranch in Florida, including air purifiers, kitchen appliances, and robot vacuums, just to name a few.