This post was published 5 years 9 months 7 days ago. Therefore, it may well be out of date. Do not rely on the contents of this post being accurate.

Bluetooth wireless technology uses radio waves to enable mobile devices, such as mobile phones, PDAs and laptops, to establish wireless connections with other devices that are within short range. Bluetooth technology removes the cables that can be cumbersome in a home or office environment and enables access to mobile technology in areas where it is not normally available.
Unfortunately, wireless networks and devices are not immune to security threats. Security researchers have discovered specific vulnerabilities in Bluetooth that can cause problems for users and IT administrators if they are not understood or if Bluetooth is poorly or improperly implemented.
Any Bluetooth wireless technology enabled device is at risk for attack when all of the following conditions are present:
• The Bluetooth radio is enabled on the target device.
• The target device is set to discoverable mode.
• The target device is physically located within the range of an attacker.
Known vulnerabilities
Bluejacking
Bluejacking is the act of anonymously sending a message to a user of a Bluetooth wireless technology enabled device who has turned on Bluetooth technology and made their device visible (also referred to as discoverable) to other devices. Attackers can target individuals or broadcast anonymous messages to all discoverable devices in the area. Because Bluetooth wireless technology enabled phones, PDAs, and laptops can search for other devices within a short range, attackers in crowded public areas can easily send anonymous messages without detection. Bluejacking is a user-based risk.
Bluesnarfing
Bluesnarfing occurs when attackers use Bluetooth technology to connect to a target device without notifying the user and access information on that device without the user's knowledge or consent. Typically, the attacker accesses the user’s contact list, although all object exchange (OBEX)-addressable data that is stored on the device is vulnerable. Revealing sensitive information is the most obvious consequence of this type of attack, but there are other consequences, including sending an SMS message, initiating a phone call, or creating a false phone book entry. Bluesnarfing is a device-based risk that occurs because of an incorrect implementation of the specification for Bluetooth wireless technology by device manufacturers.
Note: BlackBerry devices should not be vulnerable to bluesnarfing attacks because the OBEX functionality is not implemented on BlackBerry devices. The Bluetooth interface that is implemented by RIM is only plugged into the phone application (for voice usage), which should prevent attackers from accessing core BlackBerry device data.
Bluebugging
Bluebugging involves accessing mobile phone commands using Bluetooth wireless technology without notifying or alerting the user of the target device. This vulnerability enables the attacker to initiate phone calls, send and read SMS messages, access and enter phonebook contacts, eavesdrop on phone conversations, and connect to the Internet, all without detection or authorization. Bluebugging is a device-based risk that occurs because of poor implementation of Bluetooth security mechanisms by device manufacturers.
To help protect against bluejacking, bluesnarfing, and bluebugging attacks, Bluetooth users can perform the following actions:
• Set the mobile device to non-discoverable mode.
• If the mobile device is set to discoverable mode, deny requests to pair with unknown devices.
• When pairing a mobile device with a Bluetooth wireless technology enabled device, set the device to discoverable mode only for as long as it takes to complete the pairing.
• Complete device pairings in private, uncrowded areas.
• Protect the device name assigned to the BlackBerry device. If an attacker knows the name of a device, it is vulnerable to an attack even when the device is set to non-discoverable mode.
• Choose to encrypt Bluetooth wireless technology connections with the mobile device.
Note: BlackBerry devices use Bluetooth Security Mode 3 and the highest encryption key length available on the paired device (minimum = 8 bits/maximum = 128 bits).
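
Added example (not part of the original post): on a laptop, the radio-enabled and discoverable conditions listed above can be checked from the adapter's own settings. This sketch assumes a Linux host running BlueZ, where `bluetoothctl show` prints those settings; the sample output is constructed, and the function names `parse_show` and `audit` are hypothetical.

```python
import re

# Constructed sample of `bluetoothctl show` output; values are illustrative only.
SAMPLE = """\
Controller 00:11:22:33:44:55 (public)
\tName: laptop-01
\tPowered: yes
\tDiscoverable: yes
\tDiscoverableTimeout: 0x00000000
\tPairable: yes
\tUUID: OBEX Object Push          (00001105-0000-1000-8000-00805f9b34fb)
\tUUID: Handsfree                 (0000111e-0000-1000-8000-00805f9b34fb)
\tDiscovering: no
"""

# 16-bit service class UUIDs for the OBEX profiles relevant to bluesnarfing.
OBEX_SERVICES = {"1105": "OBEX Object Push", "1106": "OBEX File Transfer"}

def parse_show(text):
    """Return (fields, uuids): scalar settings and 16-bit service UUIDs."""
    fields, uuids = {}, []
    for line in text.splitlines():
        if line.startswith("Controller"):
            continue  # header line holds the adapter address, not a setting
        key, sep, value = line.strip().partition(":")
        if not sep:
            continue
        if key == "UUID":
            match = re.search(r"\(0000([0-9a-fA-F]{4})-", value)
            if match:
                uuids.append(match.group(1).lower())
        else:
            fields[key] = value.strip()
    return fields, uuids

def audit(text):
    """List findings tied to the radio-enabled and discoverable conditions."""
    fields, uuids = parse_show(text)
    if fields.get("Powered") != "yes":
        return []  # radio off: the first precondition is not met
    if fields.get("Discoverable") != "yes":
        return []  # non-discoverable: the recommended state
    # Tolerate trailing text after the hex value (assumption: some versions add it).
    timeout = int(fields.get("DiscoverableTimeout", "0x0").split()[0], 16)
    findings = ["discoverable with no timeout" if timeout == 0
                else f"discoverable, auto-off after {timeout}s"]
    findings += [f"{OBEX_SERVICES[u]} exposed while discoverable"
                 for u in uuids if u in OBEX_SERVICES]
    return findings
```

The third condition, physical range, cannot be observed from the host, so the audit covers only the two settings the user controls.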