A newly discovered suite of security vulnerabilities in Bluetooth devices gives attackers the ability to take over any system that has its wireless protocol turned on.
The vulnerabilities, discovered by the cybersecurity firm Armis and nicknamed “Blueborne,” can allow an attacker to install malware on systems or steal credentials. The attack is especially potent because it doesn’t require a user to click on a file or agree to an installation.
Since the attacks are wireless, malware taking advantage of Blueborne could spread from device to device. That worst-case scenario would see the malware rapidly overtake all vulnerable systems and spread as users with infected phones move from place to place.
Bluetooth is used on phones, computers and other devices. Different devices are affected by different sets of vulnerabilities encapsulated by Blueborne.
Google released a patch for Android devices last Tuesday while Linux issued a fix one week later. Current Apple operating systems are not vulnerable to the attack, but older iOS systems are. Microsoft patched the problem in July for supported versions of Windows.
Android and Linux systems can be tricked into revealing information stored in memory to a nearby malicious device. This type of attack can often be configured to force those systems to reveal the encryption keys being used by Bluetooth, access systems or monitor data being sent between devices.
Android and Windows systems are vulnerable to “man in the middle” attacks, where an attacker intercepts communications between devices by secretly acting as a relay station between the two. An attacker can use this to observe all traffic and steal authentication information. It could also change data in transit.
Android has two vulnerabilities that allow an attacker to run its own code on infected systems that would allow it to install its own malware.
Old versions of iOS that were released before iOS10 have a flaw in a low energy audio protocol invented by Apple that allows attackers to implant data into a system’s memory, which could allow an attacker to run its own commands on an iOS system.
Linux has a problem in memory allocation in Bluetooth that can allow attackers to take over systems.
Armis notes that a particularly distressing aspect of the Blueborne attack is that it can be used to infect systems owners thought were secured by not being connected to the internet.