If you leave your Bluetooth switched on, you could be vulnerable to a viscous virus called ‘BlueBorne’ that can spread from gadget to gadget through the air.
Hackers can take control of devices, access data, networks and even spread malware to adjacent devices in just 10 seconds – without you having any idea.
According to a security report, ‘BlueBorne’ can endanger all major mobile, desktop and smart devices – including those on Android, iOS and Windows.
Hackers can take control of devices, access data, networks and even spread malware to adjacent devices in a matter of seconds (stock image)
Experts at the security firm say hackers could connect to your device and send malicious software – and unlike traditional cyber attacks, you don’t need to download a file to put yourself in danger.
Hackers could even use this weakness to send you ransomware or get into your employers’ IT systems, according to the Armis report.
Firstly, the attacker finds some local Bluetooth-enabled devices.
Next, they obtain the media access control address (MAC address) of the device – a unique identifier.
This can be used to determine which operating system is running on it, and adjust the exploit accordingly.
The attacker can exploit a vulnerability in the implementation of the Bluetooth protocol on that platform.
This allows them to intercept communications or take over the device for other malicious purposes.
According to a security report, ‘BlueBorne’ can endanger all major mobile, desktop and smart devices – including those on Android, iOS and windows (stock image)
‘Spreading from device to device through the air also makes BlueBorne highly infectious. Moreover, since the Bluetooth process has high privileges on all operating systems, exploiting it provides virtually full control over the device’, researchers wrote in their report.
‘BlueBorne can serve any malicious objective, such as cyber espionage, data theft, ransomware, and even creating large botnets out of IoT [Internet of Things] devices
‘The BlueBorne attack vector surpasses the capabilities of most attack vectors by penetrating secure “air-gapped” networks which are disconnected from any other network, including the internet.’
Unfortunately, current security measures such as endpoint protection, mobile data management, firewalls, and network security solutions are not designed to deal with airborne attacks.
Experts suggest that users can protect themselves by disabling Bluetooth, and only enabling it for a short time when needed, if at all.
‘Unlike the common misconception, Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with’, researchers wrote.
‘This means a Bluetooth connection can be established without pairing the devices at all.
‘This makes BlueBorne one of the most broad potential attacks found in recent years, and allows an attacker to strike completely undetected’, they warned.