According to a new report, roughly 5.3 billion of the 8.2 billion Bluetooth connected devices on the planet are vulnerable to a new exploit. Nearly every connected device on earth features Bluetooth and now over half of them are at risk from BlueBorne, a new zero-day exploit. BlueBorne targets vulnerable devices and spreads without the action or knowledge of the user. It's being compared to the nasty WannaCry ransomware that spread around the globe earlier this year.
Here's how it works: BlueBorne infects your device silently. Without any action on your part, it spreads to your device by taking advantage of how Bluetooth uses tethering to share data. It then acts as a trusted network and allows hackers to execute "man in the middle" attacks without you even knowing it. From there, it spreads to other vulnerable devices it detects. Researchers from Armis Labs who found the exploit were able to use it to create botnets and install ransomware.
The news isn't all terrible. While BlueBorne does use eight zero-day vulnerabilities, patches have come out to fix it. All Apple devices running iOS 10 and newer, as well as all up-t0-date Windows machines are safe. Google passed the patch onto partners in early August which means Nexus and Pixel devices with the latest updates are safe, but others will have to wait on OEMs to push the update.
September security update for Pixel and Nexus devices finally starts to roll out
The concern from here on out is what happens to 180 million of the two billion Android devices on the market that will never see another update. While informed users can simply just turn their Bluetooth off, all other unpatched devices will remain vulnerable as long as Bluetooth is active. This is especially scary because there has been an explosion of Internet of Things connected appliances and devices that have come onto the market in the last several years. Those devices may be slow to get a patch, or never get one at all. Armis Labs estimates that 40% of vulnerable devices are never going to be patched. That leaves over two billion devices on the market to act as potential virus hotspots.
from Android Authority http://ift.tt/2xXPi2n
via IFTTT
No comments:
Post a Comment