This bluetooth vulnerability can attack your device without being paired
What's the story
Cyber experts have reported a set of eight Bluetooth vulnerabilities that could potentially affect billions of devices.
Termed "BlueBorne", attackers could use this set to take over devices without the victim's knowledge. The devices don't even need to be paired.
Apparently, BlueBorne affects many Windows and Linux desktops, Android and iOS phones, as well as an "expanding realm of IoT devices".
Danger
"You'll never know what hit you"
Arctic Wolf Networks, a California-based information security company, calls BlueBorne "one of the most dangerous attacks because of its ability to spread without requiring the user to do anything".
"Like catching the flu, you could be infected by just sitting next to somebody on the airplane that has been infected. By the time you start seeing symptoms, you could have spread it to hundreds more people."
Reach
An estimated five billion devices are at risk
According to security engineer Mike Buckbee, BlueBorne is concerning not because of its powers, but due to its reach.
Security company Armis says iOS10 has resolved the issues, so only lower versions are vulnerable. Otherwise, almost every computer, mobile, smart TV and more- about 5bn devices- are endangered.
Android has released fixes in its latest update, but not many have received it yet.
Precautions
Is there any way to stay safe?
"The BlueBorne attack vector can be used to conduct a large range of offenses, including remote code execution as well as man-in-the-middle attacks," Armis says.
Experts have predicted most devices will remain vulnerable for "years to come".
The only mitigation tactic available for now is to stay safe and keep bluetooth switched off when not in use, says Lamar Bailey of Tripwire.