Bluetooth
came up as one of the major breakthroughs in close range wireless
transfer of data and communication standard between mobile devices.
Although the GSM standard itself is a wireless standard operating on
licensed bands, yet transfer of large amount of data is not feasible
especially if you want to share a file may be with your friend near by.
Mobiles did have the Infrared technology which was used for such
applications.
But to use it, infrared lenses of both the mobiles had to be within the line of sight. Infrared also became popular for playing two player games, but once again all such applications with Infrared don’t offer the feature of mobility which is the purpose of having a mobile in the first place.
The Bluetooth technology solved this issue and we can now do all this stuff we did with Infrared using unlicensed band of radio waves without having to be in line of sight. Therefore this major issue with Infared can now be addressed without compromising user mobility.
Bluetooth has become a very basic feature of mobiles and now every mobile be it from a branded vendor or to may be a Chinese clone of such mobiles; all have this feature embedded in them. Many Bluetooth application therefore have emerged that allow peering of users, however people least give importance to the security issues that arise when radio spectrum is used in such a way.
Although using unlicensed band has its benefits to the end user but being under no regulation it is more vulnerable to security issues. A typical user sharing a file with a friend would be least concerned about the security threats, using Bluetooth can cause. However if an individual’s mobile is compromised, the hacker can have easy access to personal data and can even manipulate it, which might concern him too.
Here lets take a look into the different categories of how hackers can infiltrate user’s mobile using Bluetooth, then we will discuss their mechanism briefly to make the end user aware of how vulnerable he can be.
But to use it, infrared lenses of both the mobiles had to be within the line of sight. Infrared also became popular for playing two player games, but once again all such applications with Infrared don’t offer the feature of mobility which is the purpose of having a mobile in the first place.
The Bluetooth technology solved this issue and we can now do all this stuff we did with Infrared using unlicensed band of radio waves without having to be in line of sight. Therefore this major issue with Infared can now be addressed without compromising user mobility.
Bluetooth has become a very basic feature of mobiles and now every mobile be it from a branded vendor or to may be a Chinese clone of such mobiles; all have this feature embedded in them. Many Bluetooth application therefore have emerged that allow peering of users, however people least give importance to the security issues that arise when radio spectrum is used in such a way.
Although using unlicensed band has its benefits to the end user but being under no regulation it is more vulnerable to security issues. A typical user sharing a file with a friend would be least concerned about the security threats, using Bluetooth can cause. However if an individual’s mobile is compromised, the hacker can have easy access to personal data and can even manipulate it, which might concern him too.
Here lets take a look into the different categories of how hackers can infiltrate user’s mobile using Bluetooth, then we will discuss their mechanism briefly to make the end user aware of how vulnerable he can be.
Categories of bluetooth hacking
Bluetooth hacks are categorized broadly among:
- Bluejacking
- Bluesnarfing
- Bluebugging
- Bluetoothing
- Firstly let’s take a look into Bluejacking. In Bluejacking a hacker might send unsolicited messages to the victim in the form of a business card or a mobile contact with a text that may look intimidating to read. In many cases hacker may also send sounds like a ring tone. The victim’s mobile could then be infiltrated and he might never know what has hit him. Bluejacking messages can also be viewed as spam messages with emails. There have also been reports about people getting hacked by Trojan Horse’s which could mean a serious compromise.
- Bluesnarfing is considered a serious compromise in the category of Bluetooth hacking especially if the information vulnerable, is quite critical, as such attacks can allow the hacker access to victims; contact list, text messages, emails and even private photos and videos. The hacker can use brute force attack even if the device is invisible to guess the victims MAC address.
- The third type of hacking mechanism is Bluebugging, in which the hacker uses sophisticated attacks to gain control of victims mobile. It works just like Trojan horses, where the hacker can manipulate the users phone the way he desires by executing commands on the victims phone. The hacker could forward mobile calls from the victim’s mobile to his own device and can even manipulate the mobile to follow a Bluetooth headset instructions like; receive call, send messages etc.
- The final type is Bluetoothing which is just like social engineering; the hacker can use methods like harassment or luring the victim to fall his prey to his intentions.
The Tool Mostly Used For Bluetooth Hacking
Bluetooth
technology didn’t just come out randomly for hobbyist to play with. It
was a joint venture of top mobile companies just like the Wi-fi
alliance. Therefore security fixes are often made in the form of
firmware updates, by these companies when ever a threat emerges.
However like with most security vulnerabilities it is also important that the end user be educated as people don’t know what they are allowing or running in their cell phones. Hackers create tools from time to time to compromise such vulnerable mobiles.
One such tool is Super Bluetooth Hack which demonstrates characteristics of both Bluesnarfing and Bluebugging. This Bluetooth hack is one of the most widely used and is used by both professional hackers as well as people who just want to have fun by sneaking into other's mobiles, without even knowing about the security issues that may arise in doing so.
However like with most security vulnerabilities it is also important that the end user be educated as people don’t know what they are allowing or running in their cell phones. Hackers create tools from time to time to compromise such vulnerable mobiles.
One such tool is Super Bluetooth Hack which demonstrates characteristics of both Bluesnarfing and Bluebugging. This Bluetooth hack is one of the most widely used and is used by both professional hackers as well as people who just want to have fun by sneaking into other's mobiles, without even knowing about the security issues that may arise in doing so.
Security Issues With Super Bluetooth hack
Super
Bluetooth hack is a typical small 270KB Java application that runs on
mobile environment. It can cause great damage by gathering victim’s
personal information as discussed in the hacking categories earlier. It
is not an authentication-bypass tool that could use brute-force or back
door attack, but it uses method of social engineering to hack into
victim’s mobile.
Following are some of the key threats posed by this tool:
Always keep Bluetooth off when you are not using it and make sure you are pairing with known devices when ever you need too. Make sure you rename the mobile to something more generic too you, else the default name which is the model of the mobile will be displayed. Another important thing which you must have with you not just regards to Bluetooth but mobile security in general is your mobile PIN, which you can use too reset you phone to default factory settings.
These are some basic but necessary precautionary measures which you can take to protect your phone privacy. Bluetooth like most technologies is meant to benefit us but we should know how to use it safely to protect us from their side effects too!
Following are some of the key threats posed by this tool:
- The hacker can bypass pairing by sending a download file which if the victim accepts; he might give him access to his personal data. In another method the hacker might establish one time pairing to intervene into the victim’s mobile by physically accessing his phone. Therefore the end user must be aware of such attacks as it is one of the most common and simplest method used my hackers.
- The hacker could get access to the victim’s call register and he might place a call, put them on hold or hang-up. The victim might think that there is an issue in the phone however in reality his phone is compromised by an infiltrator.
- This tool can make the victim’s mobile extremely vulnerable as the hacker issues desired commands on the victim’s phone and can even get data to his device, by bypassing any authentication mechanism. This shows how lethal such tools can be which are readily available on the web. Thus we must be responsible of protecting our mobiles too by taking necessary precautions.
Precautions
All these hacks have been mentioned just to inform the bluetooth users how vulnerable there devices can be. Currently no such major software has been developed to stop the above methods of hacking however newer devices are built taking into account these threats and experts believe that they will prove to be more secure. Regardless of all this, there are always some precautions that can be taken i.e.Always keep Bluetooth off when you are not using it and make sure you are pairing with known devices when ever you need too. Make sure you rename the mobile to something more generic too you, else the default name which is the model of the mobile will be displayed. Another important thing which you must have with you not just regards to Bluetooth but mobile security in general is your mobile PIN, which you can use too reset you phone to default factory settings.
These are some basic but necessary precautionary measures which you can take to protect your phone privacy. Bluetooth like most technologies is meant to benefit us but we should know how to use it safely to protect us from their side effects too!
0 comments:
Post a Comment