Following last year’s disclosure of the BlueBorne vulnerability security experts note that about 2 billion Bluetooth devices are still affected by it. BlueBorne is a collection of bugs that allow the hackers to intrude into them. Many of these devices are smartphones and tablets operating under the Android and iOS operating system.
Bluborne Bluetooth Vulnerability May Be Used to Access 2 Billion Devices
The BlueBorne vulnerability is a dangerous collection of bugs that were discovered a year ago. By using the identified weaknesses a malicious user may completely take over the target devices. When the security issue was identified for the first time the experts estimated that about 5 billion devices were impacted by it. A year later the number is 2 billion which is still a very high number. The attacks have been found to affect all major operating systems — Android, Linux, iOS and Windows allowing the perpetrators not only access to them, but also steal the user files, spy on the victims and conduct complex man-in-the-middle attacks.
The attacks are categorized as airborne which is a specific type of intrusion. The attackers set up a device that broadcasts the malicious code over-the-air. A unique characteristic is that the targets do not need to be paired with the malicious instance or be placed in discoverable mode. Due to this characteristic the infections can spread easily to a high number of devices with minimum effort. The researchers state that this is also useful when contaminating air-gapped internal networks, they only need to set up the infection carriers in proximity to the devised targets.
What is interesting is that the BlueBorne Bluetooth vulnerability contains distinct flaws that target the specific operating systems:
- Linux — Two vulnerabilities have been identified in Linux systems. The first one is an information leakage bug which is caused by problem in the SDP protocol. The bug allows memory fragments to be read by the attacker remotely. The other bug is a remote code execution one and is related to the way the Bluez library is set up. This impacts all other operating systems that implement the vulnerable library.
- Microsoft Windows — The identified issue is a problem that lies within the way network communications are carried out. The Bluetooth protocol stack can be abused as an attack vector leading to the possibility to carry out man-in-the-middle infections.
- Apple iOS — This is a remote code execution that has affected versions older than 10.3.3.
- Google Android — Several distinct exploits have been found: two remote code execution bugs, an information leak possibility and a man-in-the-middle network attack which appears to be similar to the Windows one. The security reports indicate that malicious actors can combine several BlueBorne vulnerabilities at once in order to maximize the damage impact.
Despite the fact that the security issue was publicly reported so far we have not received reports of mass infection attempts. Many vendors have started to patch certain devices which has resulted in a shrink of the number of affected devices. However the statistics show 768 million of the are versions of Linux, 200 million are running Windows and 50 million are iOS phone and tablet devices.