September 12, 2017
Billions of Bluetooth devices vulnerable to takeovers, MITM attacks; no user action required
Billions of Bluetooth devices, including those running on Android, iOS, Linux, and Windows, contain major vulnerabilities that can allow malicious actors to remotely execute code, take over devices, and perform man-in-the-middle (MITM) attacks, researchers have reported.
What's more, attackers do not need to trick users into performing an action in order to compromise or infect them, nor does a target device's Bluetooth have to paired with an attacking device or even be in Discovery Mode. The device simply has to have its Bluetooth feature turned on, which for most products is the default setting.
Even worse, compromised devices can then be further leveraged to attack additional nearby systems over the air, including any segregated or air-gapped devices that happen to be Bluetooth-enabled. "Basically, it's an airborne delivery method or attack vector that could be very easily abused," said Nadis Izrael, CTO and co-founder of Armis, in an interview with SC Media.