Bannyblanco
Professional
- Messages
- 160
- Reaction score
- 132
- Points
- 43
In September 2017, it became known about the Bluetooth threat, BlueBorne, which threatened billions of devices: various types of smartphones, printers and Smart TVs.
BlueBorne - A range of Bluetooth vulnerabilities. In the event of a successful attack on the device, the hacker receives solid privileges, allowing him to launch a malicious P.U. Or carry out a MitM (Man in the Middle) attack.
Microsoft has said it will correct any vulnerabilities related to its Bluetooth driver replacement.
According to a 2017 study by Armis Labs, this vulnerability can be corrected in only 45% of Android smartphones, which is about 960 million devices.
According to the data of 2018, the situation has improved - 2/3 of the devices have been updated. The rest of the devices are still at risk due to the fact that the users themselves do not upgrade the operating system or the device is supported by the manufacturer.
It should be noted that the experts informed the organizations about the danger of BlueBorne 6 months before the publication of the research results.
The attack vector consists of several stages:
1. The attacker finds active Bluetooth devices
2. The device can be identified even without the "visibility" mode
3. The perpetrator gets the MAC address of the device
4. The perpetrator determines what system this device uses and configures it accordingly
5. Uses vulnerability (vaulnerability) in Bluetooth and gains access to the device
As mentioned, there is a danger of BlueBorne on iOS devices as well
According to Armis, the following devices are at risk from BlueBorne:
1. All iPhone, iPad, and iPod touch running iOS 9.3.5 or earlier
2. All Apple TVs running on version 7.2.2 or earlier
On the advice of experts, two norms should be adopted by the user to protect against attack:
Update the system on the device to the latest version
Turn on Bluetooth only when needed
After installing the BlueBorne Vulnerability Scanner app, the device is checked for Bluetooth vulnerabilities. There is a mode in the program, through which it is possible to get information about the status of the surrounding devices
Do not forget reaction
BlueBorne - A range of Bluetooth vulnerabilities. In the event of a successful attack on the device, the hacker receives solid privileges, allowing him to launch a malicious P.U. Or carry out a MitM (Man in the Middle) attack.
Microsoft has said it will correct any vulnerabilities related to its Bluetooth driver replacement.
According to a 2017 study by Armis Labs, this vulnerability can be corrected in only 45% of Android smartphones, which is about 960 million devices.
According to the data of 2018, the situation has improved - 2/3 of the devices have been updated. The rest of the devices are still at risk due to the fact that the users themselves do not upgrade the operating system or the device is supported by the manufacturer.
It should be noted that the experts informed the organizations about the danger of BlueBorne 6 months before the publication of the research results.
The attack vector consists of several stages:
1. The attacker finds active Bluetooth devices
2. The device can be identified even without the "visibility" mode
3. The perpetrator gets the MAC address of the device
4. The perpetrator determines what system this device uses and configures it accordingly
5. Uses vulnerability (vaulnerability) in Bluetooth and gains access to the device
As mentioned, there is a danger of BlueBorne on iOS devices as well
According to Armis, the following devices are at risk from BlueBorne:
1. All iPhone, iPad, and iPod touch running iOS 9.3.5 or earlier
2. All Apple TVs running on version 7.2.2 or earlier
On the advice of experts, two norms should be adopted by the user to protect against attack:
Update the system on the device to the latest version
Turn on Bluetooth only when needed
After installing the BlueBorne Vulnerability Scanner app, the device is checked for Bluetooth vulnerabilities. There is a mode in the program, through which it is possible to get information about the status of the surrounding devices
Do not forget reaction
