New Bluetooth Vulnerability Appears, It's Called Blueborne


A new vulnerability has been discovered that could infect devices running the Android operating system with malware or ransomware through a simple Bluetooth connection. The security issue, dubbed Blueborne, was discovered by researchers at Armis Labs. They found that the Blueborne vulnerability could be used to send and install potentially damaging software without the need to pair the handset with an infected device. The malware transfer could occur as long as Bluetooth is turned on on both devices, even if the smartphones are not in discoverable mode. In addition, infected handsets can, without the owner's knowledge, spread the same malware to other smartphones or computers wherever the owner goes. Since the Bluetooth process has high privileges in the Android OS, malware transmitted through this vulnerability can take over the handset, retrieve personal information, or lock users out of their devices. Aside from Android, this security flaw is also present in devices running Windows, Linux, and iOS, putting personal computers and server systems potentially at risk.

Using a Google Pixel, the researchers also provided a demo of how the security loophole works on the Android operating system. Within a short period of time after starting the attack, the group was able to take control of the handset, use a remote mouse to open the camera app, and take a picture using the front-facing camera. Afterwards, the researchers were able to retrieve the image from the smartphone and view it on a separate computer. This demo is an example of how the software flaw could be used for cyber espionage and data theft, not only by taking images but also by retrieving sensitive information like location data and private messages. The researchers also pointed out that devices infected through the Blueborne attack vector may be controlled as part of a massive botnet, similar to the Mirai botnet.

Armis Labs has contacted several concerned parties regarding the security flaw it discovered. Eight related zero-day vulnerabilities, four of which were categorized as critical, were reported by the researchers to companies like Google, Microsoft, Apple, and Samsung. Google has already fixed the Blueborne vulnerability with the September 2017 Android security patch released for devices running Android 7.0 Nougat and Android 6.0 Marshmallow. Samsung, on the other hand, has yet to respond to Armis Labs regarding the actions it has taken to secure its devices from this loophole.