BlueBorne has no strengths: the virus spreads via Bluetooth

Fortinet, the world leader in advanced cyber security, recommends caution in using Bluetooth technology in connection with the detection of the new BlueBorne. Vulnerabilities in Bluetooth systems have made billions of devices around the world vulnerable to attacks.

BlueBorne is a hybrid malware with the characteristics of a Trojan and worm that spreads using Bluetooth technology. Features of the worm make every infected by the BlueBorne system also a potential carrier of infection, actively looking for another, vulnerable device. All devices are exposed, in which you can enable Bluetooth connectivity and operate on Android, iOS, Mac OSX and Windows. BlueBorne works by scanning devices that support Bluetooth, and then checks if they have significant security holes.

There is no evidence yet that this attack vector has already been used by someone for a real attack. It is possible, however, that the operation of the exploit has been confirmed in laboratory conditions and can be easily disseminated

The solution to the BlueBorne problem is difficult because the Bluetooth protocol is not a communication protocol that is monitored and controlled by the majority of network security tools - explains Robert Dąbrowski, head of the Fortinet engineering team. - For this reason, traditional security devices are unlikely to be able to detect these violations.

The consequences of using this attack vector can be far-reaching. Bluetooth is one of the most widespread and used communication protocols in the world. It is used by smartphones, tablets and more and more IoT devices, including Smart TV, smart car gadgets and even home security systems.

When BlueBorne has already identified his target, the break-in lasts less than 10 seconds, and the affected devices do not even have to accept the incoming call so that they can be violated - warns Robert Dąbrowski. - After the device is infected, the attackers can run arbitrary commands on it, and even access and steal data. BlueBorne also immediately starts searching for the next target to attack.

To protect your devices with Bluetooth you need to implement three basic steps:

  • Turn off Bluetooth in them, unless absolutely necessary. If it has been turned on, turn it off immediately after the operation is completed.
  • Identify your devices and devices connected to the network. Carefully monitor for new Bluetooth driver updates.
  • Install patches as soon as they become available. Apple iOS was improved in 2016 with the iOS 10 version. Microsoft released an amendment to Windows in July, and Google is reportedly working on a patch for Android.

Google Play has a BlueBorne application prepared by security researchers from Armis Security. You can use it to check the susceptibility of your device.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.