BlueBorne, the latest attack, is taking the world by storm. Let's go over it concisely: the attack method and the details of this bug.
A series of vulnerabilities has been unearthed in implementations of Bluetooth that allow hackers to take over your computers, tablets and smartphones whenever Bluetooth is on.
Researchers at Armis Security unearthed a total of eight critical Bluetooth vulnerabilities. Exploiting them requires no user interaction, and the target device does not need to be paired with the attacker's device or even set to discoverable mode.
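A host-side check for the exposure condition described above, as an added example that is not part of the original post: it parses `bluetoothctl show` output and flags every adapter that is powered on, ignoring the discoverable and pairable settings. BlueZ on Linux is an assumption, and the sample output and addresses are constructed.

```python
import re

# Constructed sample of `bluetoothctl show` output for two adapters (not from the post).
SAMPLE_SHOW_OUTPUT = """\
Controller 00:11:22:33:44:55 (public)
\tName: laptop
\tPowered: yes
\tDiscoverable: no
\tPairable: no
Controller 66:77:88:99:AA:BB (public)
\tName: usb-dongle
\tPowered: no
\tDiscoverable: no
\tPairable: yes
"""

CONTROLLER_RE = re.compile(r"^Controller\s+((?:[0-9A-F]{2}:){5}[0-9A-F]{2})", re.I)
FIELD_RE = re.compile(r"^\s+(Powered|Discoverable|Pairable):\s+(yes|no)\s*$")


def parse_controllers(show_output):
    """Return {address: {field: bool}} for each controller block in the output."""
    controllers, current = {}, None
    for line in show_output.splitlines():
        header = CONTROLLER_RE.match(line)
        if header:
            current = controllers.setdefault(header.group(1).upper(), {})
            continue
        field = FIELD_RE.match(line)
        if field and current is not None:
            current[field.group(1).lower()] = field.group(2) == "yes"
    return controllers


def exposed_controllers(show_output):
    """Return the addresses of adapters whose radio is on.

    Discoverable and Pairable are deliberately ignored: the attack needs
    neither pairing nor discoverable mode, only Bluetooth being on.
    A missing Powered field is treated as exposed (fail closed).
    """
    return sorted(addr for addr, state in parse_controllers(show_output).items()
                  if state.get("powered", True))


if __name__ == "__main__":
    for addr in exposed_controllers(SAMPLE_SHOW_OUTPUT):
        print(f"{addr}: Bluetooth is on (exposed even though not discoverable)")
```

To audit a live host, pass the captured output of `bluetoothctl show` to `exposed_controllers` instead of the sample.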
How does BlueBorne work?
1. Attacker locates active Bluetooth connections in range.
2. Attacker obtains the device's MAC address.
3. With some enumeration-based probing, operating system information is retrieved and a specific exploit is chosen to compromise the device.
4. The vulnerability in the implementation of the Bluetooth protocol is exploited, giving subsequent access.
Attack pivot:
At this juncture, the attacker can either perform a MiTM (Man-in-the-Middle) attack or gain complete control of the device.
Reference:
1. https://www.armis.com/blueborne/
2. http://go.armis.com/blueborne-technical-paper