Bluesnarfing
June 9th, 2017

All About Bluesnarfing : The Bluetooth Hack

Posted by:

Bluetooth is a short-range yet high-speed medium to exchange data using wireless means between smartphones, mobile computers, PDAs (Personal Digital Assistants), desktop computers, tablets and other technology supporting devices.

The term ‘Bluesnarfing’ refers to device heck which is executed when a Bluetooth-capable device is set to “discoverable” mode and Bluetooth function is turned on. Moreover, it is possible to located the device by other compatible devices that are within range.

This whole thing is aimed at data theft from a wireless device with a Bluetooth connection. The device has information from emails, contact lists, text messages and calendars. As obvious, the theft takes place without letting the user know about it which is why it may go on indefinitely unless discovered.

An Eye-Opener Discovery

Going as per anecdotal evidence, it was in September 2003 when bluesnarfing first came to light. It was discovered by researcher Marcel Holtmann. In November 2003, Adam Laurie of A.L. Digital’s independent investigations while testing the security of Bluetooth-compatible devices discovered exactly the same vulnerability which was behind bluesnarfing.

When Laurie’s publication of a vulnerability disclosure notification took place on the Bugtraq blog in November 2003, bluesnarfing came into notice more.

Object Exchange Dynamics

To execute a BlueSnarf attack, a hacker exploits the vulnerabilities that are present in deployments of the object exchange (OBEX) protocol. The protocol is used to monitor the exchange of information that takes place between wireless devices. The attacker than connects to the OBEX Push Profile (OPP) which is service that doesn’t need authentication. Besides, it is optimized for easy exchange of digital business cards and various other objects.

Connection is then made to an OBEX Push target and OBEX GET request is performed for known filenames. These filenames are termed under the IrMC Specification and include the likes of “telecom/cal.vcs” (for a device calendar) and “telecom/pb.vcf” (for a device phone book).

After the OBEX protocol is compromised, it gets easy for the hacker to synchronize their system with their targeted victim’s device. This process is known as pairing. It is important to know that if the firmware on a device is improperly implemented or unsecured, an attacker gets access to steal all the files whose names are known or guessed correctly. Not only this but they also get access to any services that are available to the targeted user.

Bluesnarfing to Order

Bluesnarfing tools and bespoke services are easily available if one knows where to look. These resources are accessible to black hat as well as white hat hackers. For this reason, the very first tool deployed from
BlueSnarf attacker’s bag is a utility like Bluediving. It is a penetration testing application that studies Bluetooth-compatible devices for OBEX protocol vulnerabilities.

After a device is identified as being susceptible to BlueSnarf attacks, the hacker gets options such as:

If they are familiar with some programming skills, it is easy for them to code and compile a complete bluesnarfing attack tool of their own.

They can get themselves of the code snippets and resources that are available particular sites. This way they can customize an attack weapon of their choice.

They can contact an independent bluesnarfing “contractor” which makes it possible for them to hire their services. Also, they can purchase a BlueSnarf attack package from them.

Counter-Measures

Now comes the question as what is it that makes bluesnarfing a concern. Well, when an attack is under way, the victims has no idea what’s going on as their high-value data leaks into cyber-criminal hands. This short of disabling Bluetooth on devices altogether, there’s no way to prevent a BlueSnarf attack.

There are some ways that offer protection:

⦁ Mobile discovery modes are activated by default on many devices. Unless this mode is deactivated, a device remains susceptible to bluesnarfing attacks.
⦁ Keeping phone or other mobile device in “invisible” mode is also a smart way to stay away from BlueSnarf attacks.
⦁ Anti-bluesnarfing tools are available and can be configured to detect any unauthorized Bluetooth connection between your device and nearby devices. With the attack tools, such defensive weapons are possible to be found on bluesnarfing resource websites.

Read more….Rid of Bluetooth device Problems


Leave a Reply

Your email address will not be published. Required fields are marked *