Bluesnarfing

Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistants). This allows access to calendars, contact lists, emails and text messages, and on some phones, users can copy pictures and private videos. Both Bluesnarfing and Bluejacking exploit others' Bluetooth connections without their knowledge. While Bluejacking is essentially harmless as it only transmits data to the target device, Bluesnarfing is the theft of information from the target device.

For a Bluesnarfing attack to succeed, the attacker generally needs to be within a maximum range of 10 meters from the target device. In some cases, though, attackers can initiate a Bluesnarfing attack from a greater distance.


Description
Bluesnarfing exploits vulnerabilities in the protocol used for Bluetooth device communication, involving hackers who use tools like Bluediving to detect susceptible devices. Once a vulnerable device is identified, hackers establish a connection and employ Bluesnarfing tools to extract data. These tools, available on the or developed by hackers, enable attackers to access sensitive information from compromised devices.

Any device with its Bluetooth connection turned on and set to "discoverable" (able to be found by other Bluetooth devices in range) may be susceptible to Bluejacking, and possibly to Bluesnarfing if there is a vulnerability in the vendor's software. Turning this feature off makes the potential victim safer from being Bluesnarfed, although a device that is set to "hidden" may still be Bluesnarfable by guessing the device's address. The remaining 24 bits have approximately 16.8 million possible combinations, requiring an average of 8.4 million attempts to guess by brute force.


Prevalence
Attacks on wireless systems have increased along with the popularity of wireless networks. Attackers often search for rogue access points, which are unauthorized wireless devices that are installed in an organization's network and allow an attacker to circumvent network security. Rogue access points and unsecured wireless networks are often detected through war driving, which is using an automobile or other means of transportation to search for a wireless signal over a large area. Bluesnarfing is an attack to access information from wireless devices that transmit using the Bluetooth protocol. With mobile devices, this type of attack is often used to target the international mobile equipment identity (IMEI). Access to this unique piece of data enables the attackers to divert incoming calls and messages to another device without the user's knowledge.

While Bluesnarfing was a widespread threat in the mid-2000s, its prevalence has plummeted. This is primarily due to the transition from "Legacy Pairing" to Secure Simple Pairing (SSP) and the introduction of the Bluetooth 4.0 (Low Energy) and 5.0+ specifications, which mandate AES-128 encryption and improved authentication layers.


Response
Bluetooth vendors advise customers with vulnerable Bluetooth devices to either turn them off in areas regarded as unsafe or set them to undiscoverable (Fuller, John, How Bluetooth Surveillance Works, http://electronics.howstuffworks.com/bluetooth-surveillance1.htm). This Bluetooth setting allows users to keep their Bluetooth on so that compatible Bluetooth products can be used but other Bluetooth devices cannot discover them.
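
One way to check the "undiscoverable" advice above on a Linux host, as an added example that is not part of the original page: it parses the output of BlueZ's `bluetoothctl show` and reports every powered controller that is still discoverable. The function names and the sample output are constructed for illustration; the sketch assumes the usual `Key: value` layout of that command.

```python
import re
import subprocess

# Constructed sample in the layout `bluetoothctl show` prints (not real devices).
SAMPLE = """\
Controller 00:11:22:33:44:55 (public)
    Powered: yes
    Discoverable: yes
    DiscoverableTimeout: 0x00000000
Controller 66:77:88:99:AA:BB (public)
    Powered: yes
    Discoverable: no
    DiscoverableTimeout: 0x000000b4
"""

def parse_controllers(text):
    """Split the output into one dict of properties per controller."""
    controllers = []
    for line in text.splitlines():
        head = re.match(r"Controller\s+([0-9A-Fa-f:]{17})", line)
        if head:
            controllers.append({"address": head.group(1)})
        elif controllers and ":" in line:
            key, _, value = line.strip().partition(":")
            controllers[-1][key.strip()] = value.strip()
    return controllers

def audit(text):
    """Return (address, note) for each controller that is powered and discoverable."""
    findings = []
    for c in parse_controllers(text):
        if c.get("Powered") != "yes" or c.get("Discoverable") != "yes":
            continue
        raw = c.get("DiscoverableTimeout")
        secs = int(raw, 16) if raw else None
        if secs is None:
            note = "timeout not reported"
        elif secs == 0:
            note = "no timeout, stays discoverable"
        else:
            note = f"times out after {secs}s"
        findings.append((c["address"], note))
    return findings

if __name__ == "__main__":
    try:
        out = subprocess.run(["bluetoothctl", "show"], capture_output=True,
                             text=True, timeout=10).stdout
    except (OSError, subprocess.TimeoutExpired):
        out = SAMPLE  # fall back to the constructed sample when BlueZ is absent
    for addr, note in audit(out):
        print(f"{addr}: discoverable ({note})")
```

An empty result means no powered controller is advertising itself; a controller reported with no timeout stays visible until the setting is changed.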

Because Bluesnarfing is an invasion of privacy, it is illegal in many countries.


Bluesniping
Bluesniping has emerged as a specific form of Bluesnarfing that is effective at longer ranges than normally possible. According to Wired magazine, this method surfaced at the Black Hat Briefings and DEF CON hacker conferences of 2004, where it was shown on the G4techTV show The Screen Savers. For example, a "rifle" with a directional antenna, -powered embedded PC, and Bluetooth module mounted on a Ruger 10/22 folding stock has been used for long-range Bluesnarfing.


In popular culture
In the TV series Person of Interest, Bluesnarfing is a common element, used to spy on and track the people the main characters are trying to save or stop. The show often mistakenly refers to it as Bluejacking, and at other times as forced pairing and phone cloning.

In the TV series Pretty Little Liars, Bluesnarfing is used in an attempt to determine the identity of the show's antagonist.


