BlueBorne threatens almost every connected device with Bluetooth-based attacks
Researchers have discovered a new attack vector they’ve named “BlueBorne” that enables bad actors to compromise nearly every connected device via Bluetooth.
Discovered by Armis Labs, this new threat applies to mobile phones, computers, and IoT devices.
To leverage it, an attacker begins by scanning for active Bluetooth connections within 32 feet. They then choose a device (even if it’s not in “discoverable” mode) and obtain its MAC address, an identifier which they can use to probe the device and determine its operating system. With that knowledge, the bad actor can craft an exploit for one of eight zero-day vulnerabilities affecting the implementation of the Bluetooth protocol to take full control of the device… all within a mere 10 seconds!