Bluetooth can be defined as an open wireless technology standard which lays down the set of rules so that exchanging of data over short distances (using short wavelength radio transmissions) from fixed and mobile devices, creating personal area networks (PANs) with high levels of security. Created by telecoms vendor Ericsson in 1994, it was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices, overcoming problems of synchronization. Today Bluetooth is managed by the Bluetooth Special Interest Group.
The word Bluetooth is an anglicised version of Danish/Swedish Blåtand, the epithet of the tenth-century king Harald I of Denmark and parts of Norway who united dissonant Danish tribes into a single kingdom. The implication is that Bluetooth does the same with communications protocols, uniting them into one universal standard.
Process of sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another bluetooth enabled device via the OBEX protocol.
Bluetooth has a very limited range, usually around 10 metres (32.8 ft) on mobile phones, but laptops can reach up to 100 metres (328 ft) with powerful (Class 1) transmitters.
Bluejacking was reportedly first carried out by a Malaysian IT consultant who used his phone to advertise Sony Ericsson. He also invented the name, which purports to be an amalgam of Bluetooth and ajack, his username on Esato, a Sony Ericsson fan online forum. Jacking is, however, an extremely common shortening of hijack, the act of taking over something.
Process to gain unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can copy pictures and private videos. Currently available programs must allow connection and to be 'paired' to another phone to copy content. There may be other programs that can break into the phones without any control, but if they exist they are not made publicly available by the developer. One instance of Bluesnarfing software that was demonstrated (but never made available for download) utilized weaknesses in the Bluetooth connection of some phones. This weakness has since been patched by the Bluetooth standard. There seem to be no available reports of phones being Bluesnarfed without pairing, since the patching of the Bluetooth standard.
A form of bluetooth attack often caused by users due to lack of awareness. In progression of discovery date to society, bluetooth attacks were first seen with the advent of bluejacking, followed by bluesnarfing,
Bluebugging was first discovered by the German researcher named Herfurt. His Bluebug program allowed the user to ultimately take control of a victim's phone, which, in turn could be used to call the user's phone. In other words, this meant that the Bluebug user could simply listen to any conversation his/her victim was having in real life/time. In addition, this program allowed for the ability to create a call forwarding application whereby the user could receive calls intended for his/her victim.
Famous Bluetooth based Viruses & Worms:
The Cabir Worm
The Mabir Worm
The Lasso Worm
The Commonwarrior MMS Virus
The Car Viruses
The WinCE Duts Virus
The Mos Trojan
The Fontal Trojan
The Doomboot Trojan
The Hobbes Trojan
The Drever Trojan
The Skulls Trojan
The Onehop Trojan
The MGDropper Trojan
The Appdisabler Trojan
The Damping File Dropper
Famous tools used for Bluetooth Hacking:
Super Bluetooth Hack: By using this software attacker can read information and control the device from remote cell phone via Bluetooth or infra .The Phone list and SMS can be stored in the HTML type along with this, information about the battery, Sim card and network will also be obtained.
Blue scanner: Blue Scanner is used by an attacker to search for the Bluetooth enabled devices and then try to extract as much as possible information of each newly discovered device.
Blue Bugger: It exploits the Blue Bug (and a set of Bluetooth security holes) vulnerability of a Bluetooth enabled devices After by exploiting vulnerabilities hacker gains access on the call list, phone-book and more information on that device.
BTbrowser: BT Browser is a J2ME application which have capability to browse and explore good information about the technical specification of surrounding Bluetooth enabled devices. An attacker can browse device information related to supported profiles, services records of the device.
BT Crawler is used to scan Windows based mobile device. it scans for the other devices in a range and then performs a service query. Finally attacker implements BlueSnarfing.
Note: Information regarding tools is for the educational purposes. If any user uses tools in public or actions with illigitimate intent then he/she is liable for action under Cyber Law
Hi Everybody,Our Customer installed ISE 2.4, Domain Controller (AD) integrated with ISE, all the Users uses Windows 10 OS.The Domain Controller Team created a policy that allow the Active Directory Users changes it's own password before Login.This policy ...
Hi,I have a BYOD policy configured in ISE 2.4 and everything works well (EAP-PEAP & TLS), We only use ISE for Wireless, not for Wired. I want the BYOD to push a computer certificate while onboarding and that certificate can be used for Machine authent...
Cisco Fire Power Services (6.2.1) are running on ASA 5555x (9.10(1)), from couple of months we are not getting any data under Analysis->Connections>Events. So far we tried rebooting FMC vm and ASA firewalls but still on luck, please advise how to re...