BlueBorne: the lethal attack to take over your devices


September 13, 2017

The latest attack, BlueBorne, is taking the security world by storm. Let's take a concise look at the attack method and the details of this bug.

A series of vulnerabilities has been unearthed in implementations of Bluetooth that allow hackers to take over your computers, tablets and smartphones whenever Bluetooth is on.

A total of eight critical Bluetooth vulnerabilities were unearthed by researchers at Armis Security. Exploiting them requires no user interaction, and the target device does not need to be paired with the attacker's device or even set to discoverable mode.
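A defender-side check for the point above, as an added example (not from the original post or from Armis): it parses `hciconfig` output and marks every powered-on adapter as in scope, whether or not it is discoverable. The sample output, its addresses and the `audit` function name are constructed for illustration.

```python
import re

# Status flags that hciconfig prints on an adapter's flags line.
FLAGS = {"UP", "DOWN", "INIT", "RUNNING", "PSCAN", "ISCAN",
         "AUTH", "ENCRYPT", "INQUIRY", "RAW"}

# Constructed sample of `hciconfig` output (addresses are made up).
SAMPLE = """\
hci0:   Type: Primary  Bus: USB
        BD Address: 00:11:22:33:44:55  ACL MTU: 1021:8  SCO MTU: 64:1
        UP RUNNING PSCAN ISCAN
        RX bytes:1024 acl:0 sco:0 events:60 errors:0

hci1:   Type: Primary  Bus: UART
        BD Address: 66:77:88:99:AA:BB  ACL MTU: 1021:8  SCO MTU: 64:1
        UP RUNNING PSCAN
        RX bytes:512 acl:0 sco:0 events:30 errors:0

hci2:   Type: Primary  Bus: USB
        BD Address: CC:DD:EE:FF:00:11  ACL MTU: 0:0  SCO MTU: 0:0
        DOWN
"""

def audit(hciconfig_text):
    """Return {adapter: {"on", "discoverable", "in_scope"}} for each hciN."""
    report, current = {}, None
    for line in hciconfig_text.splitlines():
        header = re.match(r"^(hci\d+):", line)
        if header:
            current = header.group(1)
            report[current] = {"on": False, "discoverable": False,
                               "in_scope": False}
            continue
        tokens = line.split()
        # The flags line is the only one made up entirely of status flags.
        if current and tokens and set(tokens) <= FLAGS:
            on = "UP" in tokens
            report[current] = {
                "on": on,
                "discoverable": on and "ISCAN" in tokens,  # inquiry scan
                # Per the article: Bluetooth being on is enough; hiding the
                # device (no ISCAN) does not take it out of scope.
                "in_scope": on,
            }
    return report

if __name__ == "__main__":
    for name, state in audit(SAMPLE).items():
        print(name, state)
```
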

How does BlueBorne work?

1. Attacker locates active Bluetooth connections in range.

2. Attacker obtains the device's MAC address.

3. With some enumeration-based probing, operating system information is retrieved and a specific exploit is chosen to compromise the device.

4. The vulnerability in the implementation of the Bluetooth protocol is exploited, giving the attacker access to the device.

Attack pivot:

At this juncture, the attacker can choose either to perform a Man-in-The-Middle (MiTM) attack or to gain complete control of the device.

References:

1. https://www.armis.com/blueborne/

2. http://go.armis.com/blueborne-technical-paper
