Over the past decade, Bluetooth has become almost the default way for billions of devices to exchange data over short distances, allowing PCs and tablets to transfer audio to speakers and phones to zap pictures to nearby computers. Now, researchers have devised an attack that uses the wireless technology to hack a wide range of devices, including those running Android, Linux, and, until a patch became available in July, Windows.
BlueBorne, as the researchers have dubbed their attack, is notable for its unusual reach and effectiveness. Virtually any Android, Linux, or Windows device that hasn’t been recently patched and has Bluetooth turned on can be compromised by an attacking device within 32 feet. It doesn’t require device users to click on any links, connect to a rogue Bluetooth device, or take any other action, short of leaving Bluetooth on. The exploit process is generally very fast, requiring no more than 10 seconds to complete, and it works even when the targeted device is already connected to another Bluetooth-enabled device.
“Just by having Bluetooth on, we can get malicious code on your device,” Nadir Izrael, CTO and cofounder of security firm Armis, told Ars. “BlueBorne abuses the fact that when Bluetooth is on, all of these devices are always listening for connections.”
Read more at Ars Technica