Don’t Leave Your Device Bluetooth Always On

Hey, fellas, I know it might be quite hip to always have your device Bluetooth on so that you can you can connect your watches or headset to your phone. But new research from Armis has identified a new plane of attack vector that targets your device Bluetooth and connects to it without your permission and then enabling the attackers to have full control over your device and then possible steal data.

This new threat, known as BlueBorne, has been successfully used to take control of Samsung Galaxy Phones, Google Pixel, LG Sports Watch and a car audio system using the Bluetooth connection.



What Is BlueBorne?

BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices. The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode. Armis Labs has identified eight zero-day vulnerabilities so far, which indicate the existence and potential of the attack vector. Armis believes many more vulnerabilities await discovery in the various platforms using Bluetooth. These vulnerabilities are fully operational, and can be successfully exploited, as demonstrated in our research. The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as Man-in-The-Middle attacks.

Google and Microsoft have released patches and updates to mitigate this threat. Please ensure you backup your devices properly and always remember not to leave sensitive info on your devices.

1 thought on “Don’t Leave Your Device Bluetooth Always On

  1. It is recommended to use a firewall or antivirus to protect your data while transferring through Bluetooth. BlueBorne is an attack vector which hackers used to take control of the device. So it is better to keep your Bluetooth off if work is over.

Leave a Reply

Your email address will not be published. Required fields are marked *