The Different Types of Bluetooth Hacking

Bluetooth is a wireless technology which is used to exchange information over short range of distances by making use of short-wavelength radio transmissions. This technology is used in mobile as well as fixed devices. It enables the connection of several devices at the same time.

Given that the Bluetooth has been used for a long time, there exist several flaws in the system. These flaws have been subject to different types of attacks over time, which makes the technology very vulnerable to hacking.

Types of Bluetooth hacking

Bluejacking

The first most popular attack on Bluetooth enables devices is Bluejacking. This type of attack enables unknown people to send unwanted messages or electronic business cards to Bluetooth enabled mobile phones. The attackers modify the procedure for card passing so as to make the message to be sent to appear as a business card and then send the business card to a nearby mobile phone which is Bluetooth enabled.

Bluejacking tools are very easy to use and these messages can be shooted in crowdy places for examples in shopping malls. Some people even use the bluejacking technique to send commercial advertisement messages to people passing nearby.

Bluesnarfing

The Bluesnarfing attack is much more damaging to the bluejacking technique as it enables you to wirelessly connect to to Bluetooth enables mobile phones without any knowledge from the owner and copy their the mobile phone’s address book, their sms messages, their call logs and some more advanced features enable you to to update the directory of the mobile by adding new contacts in the mobile phones.

Most bluesnarfing tools are downloaded as JAR files.

The Bluesanrfing technique works like the Bluejacking technique by making use of the exchange of business cards. This exchange is done using the OBEX protocol and enables the Bluetooth machine to connect to the device which needs to be compromised but instead of exchanging a business card, it request for information (the phonebook file, the call logs etc) from the target.

Bluebugging

The Bluebugging attack is more powerful than the bluejacking and bluesnarfing attacks. It allows the attacker to take complete control of your mobile phone without the user knowing anything about it. They can make phone calls, listen to conversations where the phone is located. Bluesanrfing capabilities also exist in bluebugging tools like copying the phone book and the the phone’s call list.

What factors make the Bluetooth technology vulnerable?

• Previous Bluetooth enabled devices contined many flaws.
• Users use pins which are short in length and easy to find out.
• Users accepting pairing blindly from unknows sources.
• Motivated hackers who want to gain valuable information.
• People leaving their Bluetooth permanently on.

How to Bluejack

1. Find a busy place where lots of mobile phones might be, such as shopping centres, trains, bars or cinemas
2. Create a new entry in your phone’s address book like ‘Hi you’ve been bluejacked’. Attach a picture if you want to.
3. Search the area for other Bluetooth phones to contact and choose one.
4. Send your message. They then receive the message, ‘Hi you’ve been bluejacked’.
5. Keep a look out for when your ‘victim’ gets the message and the puzzled look on their face.

Security Tips to prevent attacks on mobile phones

Enable Passcode Lock on Your phone

The most basic precaution you can take is to enable passcode lock and set it to automatically engage after a brief period of inactivity. By default, a passcode is not required to unlock the phone. Most people would put off this security measure for ease of use and convenience. However, the truth is that once you have it enabled, it becomes second nature and you would not notice any difference. It is recommended that you set a strong passcode. In the event of a physical theft, this will increase the effort required to compromise your phone.

• Disable Features That Could Be Accessed Without Entering the Passcode
• This would prevent the use of applications from your phone without your knowledge.
• Disable geotagging on the phone.
• This will prevent attackers find out where you are located.
• Erase All the Data Before Return, Repair, or Resale of Your phone.
• Erase all confidential information so that attackers cannt retrieve your personal information.
• Regularly Update the phone’s Firmware or Operating system.
• This will nebale you to get the latest security features for your mobile phones.
• Disable Bluetooth When Not in Use
• Disabling Bluetooth when not in use will prevent attackers from getting access to you phone when not in use.