Therefore, the discovery of BlueBorne, a vulnerability found in some Bluetooth technology, which cybercriminals can use to infect these popular devices, is not exactly music to our ears. In fact, there are four zero-day BlueBorne vulnerabilities that have been found in the Bluetooth implementations used by over 5.3 billion devices.It can attack any device with Bluetooth feature. 3. Spread over the air. Unlike other virus, BlueBorne spreads through air rather than internet so it is more contagious. 4. Hard to be detected. This virus remains undetected and the traditional security methods cannot prevent the device from the airborne threat. 5. Take full control over your phone.Even though Bluetooth devices are not usually in the kill-chain of most network security devices, FortiGuard Labs expects that because BlueBorne is a potentially powerful delivery mechanism it is likely to lead to multi-stage attacks where an attacker first exploits one of the Bluetooth vulnerabilities and then infects the compromised device with additional malware, including ransomware, remote exploit kits, or other dangerous files. Fortunately, most of these potential second-stage attacks .
BlueBorne Attack And this Blueborne attack exploits the fact that Bluetooth is given high privileges in most operating systems. This means the attack can be carried over the air, and executed.
The BlueBorne vulnerabilities enable attackers to perform remote code execution and man-in-the-middle attacks. This attack is dangerous because of the broad range of Bluetooth devices out in the wild and the ease with which an attacker can remotely connect to them and intercept traffic. With this exploit, an attacker doesn't have to be paired .
BlueBorne is said to affect many Windows and Linux desktops, Android smartphones, some iOS devices, as well as an "expanding realm of IoT devices." "The attack does not require the targeted device to be paired to the attacker's device, or even to be set on discoverable mode," Armis wrote in a blog post.But researchers have discovered a vulnerability in the technology that allows hackers to take control of a victim’s phone remotely. Known as “BlueBorne”, the technique can be used by hackers to connect to a nearby phone, install malware, steal data, or delete important personal information. And it takes less than 10 seconds for them to break in.The BlueBorne vulnerability is a dangerous collection of bugs that were discovered a year ago. By using the identified weaknesses a malicious user may completely take over the target devices. When the security issue was identified for the first time the experts estimated that about 5 billion devices were impacted by it.