BlueBorne – A New Type of Malware
A new malware attack, dubbed BlueBorne, is spreading and could potentially expose millions to devices of remote attack. BlueBorne is an attack on devices with Bluetooth connections to penetrate and take control of these devices.
Any iPhones running iOS 10 are immune to the attack, and Microsoft deployed a patch in July. Android devices are the most vulnerable however, Google says it sent a patch to device manufacturers in August, but when the fix gets to phones is out of their control.
What is the risk with BlueBorne? By spreading through the air, BlueBorne targets the weakest spot in the networks’ defense. Bluetooth has privileges on all operating systems, misusing it provides virtually full control over the device.
There are limitations to this type of attack though, Bluetooth is a short-range vector, therefore, BlueBorne can only target devices within the range of hackers and only devices with Bluetooth turned on. This limitation significantly reduces the real risk associated with the vulnerability.
The simplest solution is to leave your Bluetooth off but since phones are still vulnerable when they’re connected to a Bluetooth device, the only recommendation is to not use Bluetooth at all. If you do have to use Bluetooth, make sure your device is patched against this vulnerability.
Contact our security experts if you have questions about mobile device management and how to stay secure.