Want to get your Phone/Computer Hacked? Just turn ON Bluetooth! It's that simple!
The hackers are working day and night to make your malware experience as smooth as possible! Get hacked today!
Discussion of hacks and exploits in computers and phones has become very popular in recent years.Everyone loves giving exploits quirky names, or discussing how all of their devices are at risk because you get no updates because the manufacturer stops giving a fuck about you the moment you pay them.
But really, even in the modern era, it's hard to think of an exploit that has potential for as much damage as this one.The name of the exploit is 'Blueborne', and as you may have noticed from the title, it's a Bluetooth related exploit. The hack was discovered by a company called Armis, and they notified Microsoft, Google and Apple in April, and all the companies have issued a patch to fix this exploit. But again, how many device manufacturers send out updates? For the ones that do, how many percent of the userbase installs them?
There are 2 things that make Blueborne extra hot:
The fact that it's an exploit related to the device discovery and pairing part of bluetooth. Basically, Blueborne allows you to hack someone's phone without any interaction on the user's part. The user doesn't have to connect to a device. They don't have to click some weird popup.They don't have to give some app permission to do something. The only thing the user has to do is leave their bluetooth ON. They don't even have to make the device discoverable!
When the hacker is inside your device, they have the same permissions as you do. So again, the user won't suddenly get a weird prompt asking for some permission. They don't have to open some app and interact with it. The hacker can even launch apps and press buttons remotely!
This is a video from Armis, demonstrating the attack on a Google Pixel:
The interesting thing about this exploit, is that it works on basically every device out there. Android, iOS, Windows, Linux(yeah, Linux isn't safe too). The exploit works in 2 parts. First, it scans for devices around it, and obtains the MAC address and other information. From there, it finds out the OS the device is running, and then runs code specifically for hacking that particular platform. Bluetooth is a big, complex standard, and every company implements it differently, which means every implementation must be hacked differently. And Blueborne does just that. It's a combination of hacks for different OSes that all work together to make a general purpose exploit.
You may think that this isn't a serious exploit. But think about it. There are billions of devices out there with bluetooth. Everything from dumb phones, to car entertainment systems, to headphones. Even medical devices have bluetooth! And several of these devices will never get security updates. So for any hacker who deploys this, as the ads say, "the possibilities are immense!"
If you've been reading all the security exploit related news, you'll notice that almost all of them are about some old, antiquated, complex tech like bluetooth. It's not that it can't be made secure. It's that it has to be compatible with so many devices, many of which have old software, that the manufacturer can't enforce that security, and has to leave an option to be able to connect with the old devices using the insecure method. But I think the manufacturers will never do it, because it hurts their bottom line. There has to be better enforcement of security standards, even if leads to a little bit of inconvenient.
Because ultimately people may be a little inconvenienced when their old device doesn't connect, but they'll be a lot more inconvenienced when their credit card details get stolen.
Thank you for reading this post.If you liked it and want more posts like this one, follow me :-)
Other Recent Posts
Sources
https://www.androidcentral.com/lets-talk-about-blueborne-latest-bluetooth-vulnerability
Header image from Pixabay, meme created using Imgflip
Awesome footer animation by @malos10 :-)
Upvoted on behalf of the dropAhead Curation Team!
Your post will be Resteemed by @dropahead witness account of the dropAhead curation team!
Watch out for the #xx-votesplus tag!
By doing the above you will give us more STEEM POWER (SP) to give YOU more earnings next time.
Keep up the good work!
Most recent post: Moving #25_votes_plus to Discord
Hello, MAP26 has started! Please go to "Six of the Best" MAP26 Minnow Contest [Vote Now - Win Upvotes]. As you are a participant, please look at the suggestions to get the most out of the contest, especially creating a comment showcasing your best recent work. Good luck!
And don't forget, you are now a MAP Member and you can get further inspiration and assistance at the MAP Members Only Discord chatroom.