Check to see if your device – or those around you – is vulnerable to BlueBorne.

Armis discovered BlueBorne, a new attack vector, endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them.

It includes 8 zero-day vulnerabilities, 4 of them critical. With BlueBorne, a hacker can take over your device or set up a man-in-the-middle attack. It leverages the most serious exploit in Bluetooth to date, and spreads through the air (airborne). You don’t need to pair with the attacking device. You Bluetooth just needs to be on.

Key points about BlueBorne:
- Penetrates secure “air-gapped” networks
- Spreads laterally to adjacent devices
- Impacts devices from Samsung, Google, Windows, Apple and more
- Microsoft, Android, Linux, and iOS are issuing updates

Armis Labs revealed last week that bluetooth wrangling potentially threatened up to 8 billion smartphones, tablets, computers, and IoT devices. The company has set up a mobile app that can check the vulnerability of your device.

According to Armis Labs, there have been a number of zero-day attacks that prove the functionality of the Blueborne vector. The hijack allows the hijacker to run remote code on the device and make a so-called Man-in-the-Middle attack.

The vulnerability of your Android device can be checked by Armis Labs with Blueborne Vulnerability Scnner, which runs on Google Play.

Source: http://www.etn.fi/index.php/13-news/6851-tarkista-onko-bluetooth-laitteesi-vaarassa

But in addition to endangering core devices such as smartphones and PCs, BlueBorne has implications for the billions of Bluetooth-equipped internet of things devices in the world including smart TVs, speakers, and even smart lightbulbs. Many of these devices are built on Linux and don’t have a mechanism for distributing updates. Or even if they do, they rarely receive them in practice. Linux is working on but hasn’t yet issued a BlueBorne patch.

When Bluetooth is on in a device, it is constantly open to and waiting for potential connections. So a BlueBorne attack starts by going through the process Webroot’s Dufour describes—scanning for devices that have Bluetooth on and probing them for information such as device type and operating system to see if they have the relevant vulnerabilities.

BlueBorne affects all Bluetooth enabled devices

They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars.

Furthermore, the vulnerabilities can be concocted into a self-spreading BlueTooth worm that could wreak havoc inside a company’s network or even across the world.

Not all devices will receive patches

Armis reported the vulnerabilities to major hardware and software vendors, such as Apple, Google, Microsoft, and the Linux community. Some patches are being developed and will be released today and in the coming days and weeks.

Nonetheless, some devices will never receive a BlueBorne patch as the devices have reached End-Of-Life and are not being supported. Armis estimates this number at around 40% of all Bluetooth-enabled devices, which is over two billion devices.

BlueBorne vulnerabilities are tracked under the following identifiers: CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, and CVE-2017-0785 for Android devices; CVE-2017-1000251 and CVE-2017-1000250 for Linux; CVE-2017-14315 for iOS, and CVE-2017-8628 on Windows.

Who is affected

All Android phones, tablets, and wearables of all versions are affected by the four above mentioned vulnerabilities. Android devices using Bluetooth Low Energy only are not affected. Google patched the flaws in its September Android Security Bulletin.

Windows versions since Windows Vista are all affected. Microsoft said Windows phones are not impacted by BlueBorne. Microsoft secretly released patches in July for CVE-2017-8628, but only today included details about the fixed vulnerability in September’s Patch Tuesday.

All Linux devices running BlueZ are affected by an information leak, while all Linux devices from version 3.3-rc1 (released in October 2011) are affected by a remote code execution flaw that can be exploited via Bluetooth. Samsung’s Tizen OS, based on Linux, is also affected.

All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower are affected, but the issue was patched in iOS 10.

In all, BlueBorne consists of eight related vulnerabilities, three of which are classified as critical. The vulnerabilities were found in the Bluetooth implementations in Android, Microsoft, Linux and iOS. They include:

*Linux kernel RCE vulnerability – CVE-2017-1000251
*Linux Bluetooth stack (BlueZ) information leak vulnerability – CVE-2017-1000250
*Android information leak vulnerability – CVE-2017-0785
*Android RCE vulnerabilities CVE-2017-0781 & CVE-2017-0782
*The Bluetooth Pineapple in Android – Logical Flaw CVE-2017-0783
*The Bluetooth Pineapple in Windows – Logical Flaw CVE-2017-8628
*Apple Low Energy Audio Protocol RCE vulnerability – CVE Pending
An attack scenario includes an adversary identifying Bluetooth devices nearby and using commonly tools to identify the MAC address of vulnerable Bluetooth devices.

“By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly

Have You Ever Wanted to See the Bluetooth Signals Around You?
https://blog.hackster.io/have-you-ever-wanted-to-see-the-bluetooth-signals-around-you-72d7e474cdc6

maker Toglefritz has come up with a unique and beautiful way to illustrate those Bluetooth signals. The technique pairs an Android app with long exposure photography. Once your phone is paired with the Bluetooth device you want to test the signal of, it will change color as the strength of the signal changes. Taking a long exposure photo (in the dark) while running the app lets you see how the signal changes as you move about the room.

Visualize Bluetooth in a Long Exposure Photo
http://www.instructables.com/id/Visualize-Bluetooth-in-a-Long-Exposure-Photo/

Have You Ever Wanted to See the Bluetooth Signals Around You?
https://blog.hackster.io/have-you-ever-wanted-to-see-the-bluetooth-signals-around-you-72d7e474cdc6

maker Toglefritz has come up with a unique and beautiful way to illustrate those Bluetooth signals. The technique pairs an Android app with long exposure photography. Once your phone is paired with the Bluetooth device you want to test the signal of, it will change color as the strength of the signal changes. Taking a long exposure photo (in the dark) while running the app lets you see how the signal changes as you move about the room.

Visualize Bluetooth in a Long Exposure Photo
http://www.instructables.com/id/Visualize-Bluetooth-in-a-Long-Exposure-Photo/

The dangers of Bluetooth implementations:

Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks.