Imagine this nightmare wireless attack scenario. A guest walks into your offices not realizing his mobile wireless device is already infected with malware that spreads wirelessly. This guest’s device automatically infects any other device it comes into proximity with. The infection doesn’t require your users to interact in any way, nor does it require them to pair their devices with the malicious one. The attack just happens seamlessly in the background, without your users even knowing.
According to researchers at Armis, this attack exists and is called BlueBorne. In reality, BlueBorne is eight different bluetooth vulnerabilities Armis found in different platforms, including iOS, Android, Windows, and Linux. They can combine some of these vulnerabilities to create self-spreading bluetooth malware, like the scenario described above. Watch today’s video for more information about this attack and how to avoid it, and be sure to check out the white-paper linked below if you want all the details.
Episode Runtime: 2:29
Direct YouTube Link: https://www.youtube.com/watch?v=liltkSgUQz0
EPISODE REFERENCES:
- BlueBorne attack puts 5 billion devices at risk – PC Mag
- Research organization’s general overview site on BlueBorne – Armis
- Video highlighting the potential Blueborne attack – YouTube
- Detailed technical whitepaper on the BlueBorne vulnerabilities [PDF] – Armis
Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply