Over 5 billion Android, Windows, iOS and Linux devices that use Bluetooth to communicate are exposed to remote control, redirection to phishing websites and man-in-the-middle attacks after eight zero-day vulnerabilities were detected, including three that are critical.
The cyber threat, dubbed BlueBorne, doesn’t require user interaction and affects all Bluetooth-enabled devices including smartphones and smart devices such as wearables, smart TVs and automobile audio systems, among others, which can easily be infected with malware such as ransomware.
If the Bluetooth setting is turned on, compromised devices can in turn propagate malware and corrupt other Bluetooth-enabled devices over the air, with no pairing or discovery mode required. As a result, attacks could spread extremely quickly through a worm, possibly leading to an event similar in size to the WannaCry ransomware attack, researchers warn.
The vulnerabilities identified are:
Apple, Google, Microsoft and Linux were immediately informed about the vulnerabilities between April and August 2017. Google released a patch for Android 6 and 7, and Microsoft released a security update for all Windows devices except Windows phones, which were not affected. Linux announced its plan to release a security update and Apple had already fixed it with the release of version 10. Older versions and Apple TVs are still vulnerable.
tags
After having addressed topics such as NFC, startups, and tech innovation, she has now shifted focus to internet security, with a keen interest in smart homes and IoT threats.
View all postsNovember 14, 2024
September 06, 2024