The vulnerabilities, found by the cyber security firm Armis and nicknamed “Blueborne,” can allow an intruder to place malware on systems or steal credentials. The cyber attack is particularly potent because it doesn’t want a user to click on a file or click on an installation.
Since the cyber attacks are wireless, malware using the advantage of Blueborne could flow from device to device. That worst-case situation would see the malware rapidly catch all vulnerable systems and spread as users with infected receivers move from place to place.
Bluetooth is employed on phones, computers, and other devices. Different mechanisms are affected by many sets of vulnerabilities encapsulated by Blueborne.
Google published a patch for Android devices last Tuesday while Linux announced a fix one week later. Current Apple operating systems are not exposed to the attack, but older iOS systems are. Microsoft repaired the problem in July for supported versions of Windows.
Android and Linux systems can be duped into revealing information saved in memory to a nearby malicious device. This type of attack can often be configured to seize those systems to expose the encryption keys meaning used by Bluetooth, access rules or monitor data being sent between devices.
Android and Windows systems are unprotected to “man in the middle” attacks, where an intruder intercepts communications between devices by secretly serving as a relay station between the two. An intruder can use this to observe all traffic and steal authentication information. It could also modify data in transit.
Android has two vulnerabilities that enable an attacker to run its private code on infected systems that would enable it to install its own malware.
Old versions of iOS that were published before iOS10 have a flaw in a low energy audio protocol developed by Apple that allows criminals to implant data into a system’s memory, which could allow an intruder to run its own rules on an iOS system.
Take your time to comment on this article.