Leaving your phone or computer's Bluetooth on all the time has never been a good idea, but now researchers at the cybersecurity firm Armis are claiming to have discovered a series of vulnerabilities that allow them to silently hack devices over Bluetooth.
However, the claims come with some serious caveats — iPhones running the most recent OS and Windows phones aren't affected, Google is releasing Android patches today, Microsoft issued patches in July, and Linux also has patches available. Further, the hack requires an attacker to chain together several vulnerabilities and have proximity to the device, making it difficult to duplicate in the wild.
Despite the fact that the vulnerabilities are complex and widely patched, Armis researchers estimated that they could still affect 5.3 billion unpatched devices. "It doesn't require the user to make a mistake, or have a device in a discoverable mode. All it requires is a device or a user to have Bluetooth on," Nadir Izrael, CTO of Armis, told Gizmodo.
Armis researchers demonstrated their attack for Gizmodo on a Google Pixel phone, running Android 7.1.2. Although Armis claims that hackers could use the vulnerabilities, which they have nicknamed BlueBorne, to initiate a silent attack undetectable to the user, the attack they demonstrated left visual clues that would let a device's owner know something was wrong.
Ben Seri, one of Armis' researchers, used the vulnerabilities to connect to the Pixel without any input from the device. "Because you can use Bluetooth to connect a mouse or keyboard to an Android device, now I can run it," Seri explained. Seri was able to turn the device on remotely, take photos, and export them back to his computer — but his cursor wandered the Pixel's screen to issue commands, which would be a giveaway to the phone's owner if they were watching their screen.
However, Izrael claimed sophisticated attackers could take the exploits even further than Armis did, installing malicious apps without any visual signs of compromise. The researchers also told Gizmodo their takeover could spread, virus-like, from one infected device to the next, although they did not demonstrate this claim, and leaping between different operating systems would be very complex.
Although you're not likely at risk from BlueBorne, it's a good idea to keep Bluetooth turned off on your device when you're not using it.