During this holiday season, there was a spike in consumer smart products. You might know some of these products like the Amazon Echo, Google Home, and many other smart home technologies. What you might not have known is the possible security risks of having these smart products.
This is what researchers at loT security firm Armis sought out when they discovered Blueborne, a new version of airborne attacks. These vulnerabilities let attackers take control of many devices running Linux based operating systems. These vulnerabilities where showed and discussed at the latest Black Hat Europe convention in London.
It has been shown that once a device with Bluetooth is hacked the attacker can then spread the attack over the air and effect more devices. These flaws in Bluetooth technology can be exploited without the user even knowing.
Upon further review of these exploits experts say that these type of attacks are complex and unexamined. In general Bluetooth technologies need to further audited in order to lock down these security flaws.
Bluetooth in general has a lot for attackers to go for. When a device has Bluetooth enabled the device may not be in discovery mode, but it is constantly checking for possible connections. While the device is attempting to make these connections it is broadcasting its MAC address over the air. So, if any attacker was in range they could pick up on this and begin a brute force attack.
Overall the moral of the story in to not put full faith in the security of a popularizing technology and if your not using a Bluetooth device turn Bluetooth off.