Bluetooth is a high-speed but very short-range medium for exchanging data by wireless means between desktop and mobile computers, smartphones, tablets, PDAs (Personal Digital Assistants), and other devices that support the technology.
What is the Bluesnarfing attack?
Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection. By exploiting a vulnerability in the way Bluetooth is implemented on a mobile phone, an attacker can access information — such as the user’s calendar, contact list, and e-mail and text messages — without leaving any evidence of the attack.
Other devices that use Bluetooth, such as laptop computers, may also be vulnerable, although to a lesser extent because of their more complex systems. Operating in invisible mode protects some devices, but others are vulnerable as long as Bluetooth is enabled.
How does a Bluesnarfing attack work?
According to a ZDNet UK article, attackers are exploiting a problem with some implementations of the object exchange (OBEX) protocol, which is commonly used to exchange information between wireless devices. The article claims that bluesnarfing tools are widely available on the Internet, along with information about how to use them.
Bluesnarfing then requires the attacker to connect to an OBEX Push target and perform an OBEX GET request for known filenames. These filenames are specified under the IrMC Specification (a standard for wireless data transfer) and include the likes of “telecom/cal.vcs” (for a device calendar) and “telecom/pb.vcf” (for a device phone book).
Once the OBEX protocol has been compromised, a hacker can synchronize their system with their targeted victim’s device, in a process known as pairing. If the firmware on a device is unsecured or improperly implemented, an attacker may be able to gain access to and steal all the files whose names are either known or guessed correctly. They may also be able to gain access to any services available to the targeted user.
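A defensive check for the request pattern described above, as an added example that is not part of the original article: it parses one OBEX request packet, as seen by a device's OBEX service or in a traffic capture, and reports a GET whose Name header is one of the IrMC file names quoted earlier. The opcode and header layout follow the OBEX specification; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Object names the article cites from the IrMC specification.
IRMC_OBJECTS = {"telecom/pb.vcf", "telecom/cal.vcs"}
OBEX_GET = 0x03   # GET opcode; bit 0x80 is the "final packet" flag
HDR_NAME = 0x01   # Name header: null-terminated UTF-16BE text

# Constructed sample (not a real capture): GET with Name "telecom/pb.vcf".
SAMPLE_GET = (bytes.fromhex("830024" "010021")
              + "telecom/pb.vcf\x00".encode("utf-16-be"))


def parse_headers(data):
    """Yield (header_id, value) pairs from the header area of an OBEX packet."""
    i = 0
    while i < len(data):
        hid, kind = data[i], data[i] >> 6   # top two bits give the encoding
        if kind in (0, 1):                  # text / bytes, 2-byte length prefix
            if i + 3 > len(data):
                raise ValueError("truncated header")
            (hlen,) = struct.unpack_from(">H", data, i + 1)
            if hlen < 3 or i + hlen > len(data):
                raise ValueError("bad header length")
            value, step = data[i + 3:i + hlen], hlen
        else:                               # fixed 1-byte or 4-byte value
            step = 2 if kind == 2 else 5
            if i + step > len(data):
                raise ValueError("truncated header")
            value = data[i + 1:i + step]
        yield hid, value
        i += step


def flag_irmc_get(packet):
    """Return the requested name if packet is a GET for an IrMC object, else None."""
    if len(packet) < 3 or struct.unpack_from(">H", packet, 1)[0] != len(packet):
        raise ValueError("bad packet length")
    if packet[0] & 0x7F != OBEX_GET:
        return None                         # CONNECT, PUT, etc. are not flagged
    for hid, value in parse_headers(packet[3:]):
        if hid == HDR_NAME:
            name = value.decode("utf-16-be", "replace").rstrip("\x00")
            if name.lower() in IRMC_OBJECTS:
                return name
    return None


if __name__ == "__main__":
    print(flag_irmc_get(SAMPLE_GET))
```

A GET for one of these names arriving on a channel that should only accept pushed objects is the condition worth logging or rejecting.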
Discovery of the Bluesnarfing attack
Adam Laurie, of A.L. Digital, discovered the vulnerability that enables bluesnarfing in November 2003, when he was testing the security of Bluetooth devices. Laurie’s publication of a vulnerability disclosure notification on the Bugtraq blog in November 2003 (an attempt to make device manufacturers aware of the problem) was the first occasion on which bluesnarfing became more generally known.
These resources are accessible to both “black hat” and “white hat” hackers, which is why the first tool to be deployed from the BlueSnarf attacker’s bag of tricks is typically a utility like Bluediving – which is essentially a penetration testing application that probes Bluetooth-compatible devices for OBEX protocol vulnerabilities.
Once a device has been identified as being susceptible to BlueSnarf attacks, the hacker then has a few options:
- If they have some programming skills, they can code and compile a complete bluesnarfing attack tool of their own.
- They can avail themselves of the code snippets and resources available on a site like BlueJackingTools.com, and customize an attack weapon of their choice.
- They can contact an independent bluesnarfing “contractor”, and hire their services or purchase a BlueSnarf attack package from them.
What makes bluesnarfing such a concern is that when an attack is underway, the victim can be completely unaware of what’s going on as their high-value data leaks away into cyber-criminal hands – and that short of disabling Bluetooth on your devices altogether, there’s no foolproof way of preventing a BlueSnarf attack.
How to protect yourself?
That said, there are some measures you can take to protect yourself:
- On many devices, mobile discovery modes are activated by default. A device will remain susceptible to bluesnarfing attacks unless this mode is deactivated.
- Keeping your phone or other mobile device in “invisible” mode affords some measure of protection against BlueSnarf attacks.
- There are anti-bluesnarfing tools available – typically, simple utilities that may be configured to detect any unauthorized Bluetooth connection between your device and those of others nearby. As with the attack tools, these defensive weapons may be found on bluesnarfing resource websites.