Fortinet, a cybersecurity solutions company, urges caution regarding a new Bluetooth exploit known as BlueBorne that has been discovered to exploit a number of Bluetooth vulnerabilities, making billions of devices potentially vulnerable to attack. While there is no evidence that such attack vectors currently exist in the wild, it is possible that proof-of-concept exploits exist in labs, or could easily be developed and released in the wild.
The Bluetooth vulnerability was first identified by a company called Armis Labs, which has detailed all the ways a user can be hacked, no matter the platform they are using. The BlueBorne malware works by scanning for Bluetooth-enabled devices and then probing them to see if they have relevant vulnerabilities. If affect users on Windows, Linux, or Mac OS, and mobile operating systems including Android and iOS. Basically, if users have enabled Bluetooth, they are exposed.
BlueBorne is a hybrid Trojan-Worm malware that spreads via Bluetooth. Because it includes worm-like properties, any infected system is also a potential carrier, and will actively search for vulnerable hosts. Unfortunately, vulnerable hosts can include any Bluetooth-enabled device, including Android, iOS, Mac OSX, and Windows systems, Fortinet said.
The implications of this threat vector are far-reaching because Bluetooth is one of the most widely deployed and used connectivity protocols in the world. Everything from electronic appliances to smartphones uses it, as do a growing number of IoT devices, including smart TVs, smart car gadgets and even home security systems.
To date, Apple (iOS 10 & above), Google (Android’s September security patches for Pixel and Nexus devices), Linux (CVE-2017-1000250 and CVE-2017-1000251) and Microsoft (since July 2017) have all patched the exploit. Google said it sent a fix to device manufacturers a month ago, but when that patch actually reaches phones will depend on manufacturers like Samsung, LG, HTC, Xiaomi and the others.
To protect users and their Bluetooth-enabled devices from the BlueBorne exploit, Fortinet is recommending the following:
- Disable Bluetooth on your devices unless it is absolutely needed. If you turn it on, then turn it off as soon as you are done using it.
- Identify the devices you own or that are attached to your network. Closely monitor those manufacturers for Bluetooth updates.
- Patch systems as soon as updates become available. Apple iOS was patched in 2016 with an iOS 10 release. Microsoft issued a patch for Windows this July. And Google is reportedly now working on distributing a patch.
“Tackling the BlueBorne exploit is challenging because Bluetooth is not a communications protocol that is monitored and inspected by most network security tools. Therefore, traditional security devices such as intrusion detection systems will most likely not be able to detect BlueBorne attacks,” said David Maciejak, Director of Security Research, Fortinet. “Since this technology has not really been a focus for security researchers, it is highly likely that we will see an increase in attackers looking to exploit Bluetooth implementations in the future.”
“Once a target is identified, the hack takes less than 10 seconds, and targeted devices don’t even need to accept an incoming connection in order to be compromised,” warned Maciejak. “Once a device has been compromised, attackers are able to run arbitrary commands on the device and even access and potentially steal data. The attack also immediately begins to seek out and spread to other vulnerable Bluetooth-enabled targets.”