Hacking Bluetooth

  • Hacking Bluetooth

    Bluetooth is a widely employed short-range technology commonly used to interconnect devices such as headsets, media players, mobile phones, etc. Note that many versions of Bluetooth exist, and even though it is generally considered very short-range, this has improved recently. Attackers may use Bluetooth-enabled devices with a cell phone antenna to dramatically increase the range, hence widening the attack surface.

    When working with Bluetooth devices there are some specifics to keep in mind, as these devices can work in different modes.

    These modes include
    • Discoverable - This mode allows the device to be scanned and located by other Bluetooth-enabled devices.
    • Limited Discoverable - In this mode the device will be discoverable to other Bluetooth-enabled devices for a short period of time before it returns to being nondiscoverable.
    • Nondiscoverable - Devices in this mode cannot be located by other Bluetooth devices except for those devices that have previously discovered the device.

    Bluetooth devices that can be discovered may also be paired with other devices to allow for communication between the two devices. Devices can be in pairing mode to enable the link between devices or nonpairing mode, which will not allow links to be established.

    Bluetooth has some shortcomings that are being addressed with each successive version, but many flaws remain and can be exploited. The technology has already been challenged by attacks resulting in victims losing information.

    This information includes
    • Leaking calendars, address books and other information stored on the device.
    • Creation of bugging devices has been an issue with Bluetooth, as software has been made available that can remotely activate cameras and microphones.
    • An attacker can remotely control a phone to make calls, send text messages or connect to the Internet.
    • Attackers have been known to disable Bluetooth security features in order to pair with the device.
    • Mobile phone worms can exploit Bluetooth to replicate and spread.

    Bluejacking is one form of attack on Bluetooth devices that, in most cases, is more annoying than malicious. The attack takes the form of sending an anonymous text message to a victim. Since bluejacking exploits the basic operations of the protocol, it is hard to defend against except for configuring the victim device to be nondiscoverable.

    This attack is designed to extract information from a Bluetooth device without having the device in your hand. If this attack is successful the attacker is able to obtain information such as the full address book, call information, text messages and other data from the device. Because of the nature of the attack, it is considered very invasive and dangerous.
    Certified Security Geek
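
The discoverable and pairing modes described in the post can be audited on your own Linux host. The following is an added example, not part of the original post: it parses the output of BlueZ's `bluetoothctl show` and maps it onto the post's mode names. The sample output is constructed, the function names are hypothetical, and treating a non-zero `DiscoverableTimeout` as "limited discoverable" is an assumption made to match the post's definition.

```python
import re

# Constructed sample of `bluetoothctl show` output; the address is a placeholder.
SAMPLE_SHOW = """\
Controller 00:11:22:33:44:55 (public)
    Name: lab-laptop
    Powered: yes
    Discoverable: yes
    DiscoverableTimeout: 0x000000b4
    Pairable: yes
    PairableTimeout: 0x00000000
"""

def parse_show(text):
    """Collect the indented 'Key: value' fields of a controller block."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s+([A-Za-z]+):\s*(.+?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def _timeout_seconds(value):
    # Field is hex (0x000000b4); some versions append a decimal in brackets.
    return int(value.split()[0], 16)

def audit(text):
    """Return (mode, pairing, findings) using the mode names from the post."""
    f = parse_show(text)
    findings = []
    if f.get("Powered") != "yes":
        return "nondiscoverable", "nonpairing", findings  # radio is off
    if f.get("Discoverable") == "yes":
        # A missing timeout is treated as 0 (never expires), the worse case.
        secs = _timeout_seconds(f.get("DiscoverableTimeout", "0x0"))
        if secs > 0:
            mode = "limited discoverable"
            findings.append(f"visible to scans for up to {secs}s")
        else:
            mode = "discoverable"
            findings.append("visible to scans with no timeout")
    else:
        mode = "nondiscoverable"
    pairing = "pairing" if f.get("Pairable") == "yes" else "nonpairing"
    if pairing == "pairing":
        findings.append("accepts new pairing requests")
    return mode, pairing, findings

if __name__ == "__main__":
    print(audit(SAMPLE_SHOW))
```

On a real host, pass the captured output of `bluetoothctl show` to `audit()` instead of the sample.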