Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new blog
5018
Views
20
Helpful
0
Comments

Bluetooth Hacking

Anim Saxena
Level 1
Level 1
‎08-21-2014 01:24 PM

[toc:faq]

Bluetooth Technology:

Bluetooth can be defined as an open wireless technology standard which lays down the set of rules so that exchanging of data over short distances (using short wavelength radio transmissions) from fixed and mobile devices, creating personal area networks (PANs) with high levels of security. Created by telecoms vendor Ericsson in 1994, it was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices, overcoming problems of synchronization. Today Bluetooth is managed by the Bluetooth Special Interest Group.

The word Bluetooth is an anglicised version of Danish/Swedish Blåtand, the epithet of the tenth-century king Harald I of Denmark and parts of Norway who united dissonant Danish tribes into a single kingdom. The implication is that Bluetooth does the same with communications protocols, uniting them into one universal standard.

 

Bluejacking:

  • Process of sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another bluetooth enabled device via the OBEX protocol.
  • Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.
  • Bluejacking was reportedly first carried out by a Malaysian IT consultant who used his phone to advertise Sony Ericsson. He also invented the name, which purports to be an amalgam of Bluetooth and ajack, his username on Esato, a Sony Ericsson fan online forum. Jacking is, however, an extremely common shortening of hijack, the act of taking over something.

 

Bluesnarfing:

Process to gain unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos. Currently available programs must allow connection and to be 'paired' to another phone to copy content. There may be other programs that can break into the phones without any control, but if they exist they are not made publicly available by the developer. One instance of Bluesnarfing software that was demonstrated (but never made available for download) utilized weaknesses in the Bluetooth connection of some phones. This weakness has since been patched by the Bluetooth standard. There seem to be no available reports of phones being Bluesnarfed without pairing, since the patching of the Bluetooth standard.

 

Bluebugging:

A form of bluetooth attack often caused by users due to lack of awareness. In progression of discovery date to society, bluetooth attacks were first seen with the advent of bluejacking, followed by bluesnarfing,

Bluebugging was first discovered by the German researcher named Herfurt. His Bluebug program allowed the user to ultimately take control of a victim's phone, which, in turn could be used to call the user's phone. In other words, this meant that the Bluebug user could simply listen to any conversation his/her victim was having in real life/time. In addition, this program allowed for the ability to create a call forwarding application whereby the user could receive calls intended for his/her victim.

 

Famous Bluetooth based Viruses & Worms:

  1. The Cabir Worm
  2. The Mabir Worm
  3. The Lasso Worm
  4. The Commonwarrior MMS Virus
  5. The Car Viruses
  6. The WinCE Duts Virus
  7. The Mos Trojan
  8. The Fontal Trojan
  9. The Doomboot Trojan
  10. The Hobbes Trojan
  11. The Drever Trojan
  12. The Skulls Trojan
  13. The Onehop Trojan
  14. The MGDropper Trojan
  15. The Appdisabler Trojan
  16. The Damping File Dropper

 

Famous tools used for Bluetooth Hacking:

 
Super Bluetooth Hack:
By using this software attacker can read information and control the device from remote cell phone via Bluetooth or infra .The Phone list and SMS can be stored in the HTML type along with this, information about the battery, Sim card and network will also be obtained.
 

Blue scanner:
Blue Scanner is used by an attacker to search for the Bluetooth enabled devices and then try to extract as much as possible information of each newly discovered device.

Blue Bugger:
It exploits the Blue Bug (and a set of Bluetooth security holes) vulnerability of a Bluetooth enabled devices After by exploiting vulnerabilities hacker gains access on the call list, phone-book and more information on that device.

BTbrowser:
BT Browser is a J2ME application which have capability to browse and explore good information about the technical specification of surrounding Bluetooth enabled devices. An attacker can browse device information related to supported profiles, services records of the device.

BTCrawler:

BT Crawler is used to scan Windows based mobile device. it scans for the other devices in a range and then performs a service query. Finally attacker implements BlueSnarfing.

 

 

Note: Information regarding tools is for the educational purposes. If any user uses tools in public or actions with illigitimate intent then he/she is liable for action under Cyber Law

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Popular Articles
Customers Also Viewed These Support Documents