Bluetooth came up as one of the major breakthroughs in close range wireless transfer of data and communication standard between mobile devices. Although the GSM standard itself is a wireless standard operating on licensed bands, yet transfer of large amount of data is not feasible especially if you want to share a file may be with your friend near by. Mobiles did have the Infrared technology which was used for such applications.
But to use it, infrared lenses of both the mobiles had to be within the line of sight. Infrared also became popular for playing two player games, but once again all such applications with Infrared don’t offer the feature of mobility which is the purpose of having a mobile in the first place.
The Bluetooth technology solved this issue and we can now do all this stuff we did with Infrared using unlicensed band of radio waves without having to be in line of sight. Therefore this major issue with Infared can now be addressed without compromising user mobility.
Bluetooth has become a very basic feature of mobiles and now every mobile be it from a branded vendor or to may be a Chinese clone of such mobiles; all have this feature embedded in them. Many Bluetooth application therefore have emerged that allow peering of users, however people least give importance to the security issues that arise when radio spectrum is used in such a way.
Although using unlicensed band has its benefits to the end user but being under no regulation it is more vulnerable to security issues. A typical user sharing a file with a friend would be least concerned about the security threats, using Bluetooth can cause. However if an individual’s mobile is compromised, the hacker can have easy access to personal data and can even manipulate it, which might concern him too.
Here lets take a look into the different categories of how hackers can infiltrate user’s mobile using Bluetooth, then we will discuss their mechanism briefly to make the end user aware of how vulnerable he can be.
Categories of bluetooth hacking
Bluetooth hacks are categorized broadly among:
- Firstly let’s take a look into Bluejacking. In Bluejacking a hacker might send unsolicited messages to the victim in the form of a business card or a mobile contact with a text that may look intimidating to read. In many cases hacker may also send sounds like a ring tone. The victim’s mobile could then be infiltrated and he might never know what has hit him. Bluejacking messages can also be viewed as spam messages with emails. There have also been reports about people getting hacked by Trojan Horse’s which could mean a serious compromise.
- Bluesnarfing is considered a serious compromise in the category of Bluetooth hacking especially if the information vulnerable, is quite critical, as such attacks can allow the hacker access to victims; contact list, text messages, emails and even private photos and videos. The hacker can use brute force attack even if the device is invisible to guess the victims MAC address.
- The third type of hacking mechanism is Bluebugging, in which the hacker uses sophisticated attacks to gain control of victims mobile. It works just like Trojan horses, where the hacker can manipulate the users phone the way he desires by executing commands on the victims phone. The hacker could forward mobile calls from the victim’s mobile to his own device and can even manipulate the mobile to follow a Bluetooth headset instructions like; receive call, send messages etc.
- The final type is Bluetoothing which is just like social engineering; the hacker can use methods like harassment or luring the victim to fall his prey to his intentions.
The Tool Mostly Used For Bluetooth Hacking
Bluetooth technology didn’t just come out randomly for hobbyist to play with. It was a joint venture of top mobile companies just like the Wi-fi alliance. Therefore security fixes are often made in the form of firmware updates, by these companies when ever a threat emerges.
However like with most security vulnerabilities it is also important that the end user be educated as people don’t know what they are allowing or running in their cell phones. Hackers create tools from time to time to compromise such vulnerable mobiles.
One such tool is Super Bluetooth Hack which demonstrates characteristics of both Bluesnarfing and Bluebugging. This Bluetooth hack is one of the most widely used and is used by both professional hackers as well as people who just want to have fun by sneaking into other's mobiles, without even knowing about the security issues that may arise in doing so.
Security Issues With Super Bluetooth hack
Super Bluetooth hack is a typical small 270KB Java application that runs on mobile environment. It can cause great damage by gathering victim’s personal information as discussed in the hacking categories earlier. It is not an authentication-bypass tool that could use brute-force or back door attack, but it uses method of social engineering to hack into victim’s mobile.
Following are some of the key threats posed by this tool:
- The hacker can bypass pairing by sending a download file which if the victim accepts; he might give him access to his personal data. In another method the hacker might establish one time pairing to intervene into the victim’s mobile by physically accessing his phone. Therefore the end user must be aware of such attacks as it is one of the most common and simplest method used my hackers.
- The hacker could get access to the victim’s call register and he might place a call, put them on hold or hang-up. The victim might think that there is an issue in the phone however in reality his phone is compromised by an infiltrator.
- This tool can make the victim’s mobile extremely vulnerable as the hacker issues desired commands on the victim’s phone and can even get data to his device, by bypassing any authentication mechanism. This shows how lethal such tools can be which are readily available on the web. Thus we must be responsible of protecting our mobiles too by taking necessary precautions.
All these hacks have been mentioned just to inform the bluetooth users how vulnerable there devices can be. Currently no such major software has been developed to stop the above methods of hacking however newer devices are built taking into account these threats and experts believe that they will prove to be more secure. Regardless of all this, there are always some precautions that can be taken i.e.
Always keep Bluetooth off when you are not using it and make sure you are pairing with known devices when ever you need too. Make sure you rename the mobile to something more generic too you, else the default name which is the model of the mobile will be displayed. Another important thing which you must have with you not just regards to Bluetooth but mobile security in general is your mobile PIN, which you can use too reset you phone to default factory settings.
These are some basic but necessary precautionary measures which you can take to protect your phone privacy. Bluetooth like most technologies is meant to benefit us but we should know how to use it safely to protect us from their side effects too!
All the above mentioned bluetooth hacks have been stated to spread awareness regarding the potential risks which bluetooth devices face, any anti-hacking tips related to the above hacks are welcomed and can be shared at the comments section.
avi on April 28, 2012:
shahruk on April 18, 2012:
hey i want to know any technology that can help protect against these hacking
Praful on March 20, 2012:
I want to tipes of haking bluetooth.
shabnam on January 17, 2012:
what are the steps of hacking bluetooth?plz provide the details.
hamid on January 15, 2012:
Can you help me about the security challenges of the Bluetooth network and provide a new security strategy
Billy on January 03, 2012:
D.D Ghevariya on January 02, 2012:
hi....that's good but it is not specific compare to the title.
but good keep it up compare to us..
Vic on December 17, 2011:
Hassam, I want to hack my Bluetooth Keyboard radio for A2DP headset in order to lighten my load Got any ideas?
ani on October 22, 2011:
michael on September 13, 2011:
in regards to mike walders post. They have dialer systems that can mask and even change numbers. in addition that 543440 # may be a short code or premium text service. goodluck
Mike Walder on July 11, 2011:
Hi,I've just received 3 text messages on my phone which appear to have been sent by my own number.I believe this is due to a friends phone having been bluetooth compromised and my contact details being "hacked" from their phone. I've also received another related message that was sent from +543440. Is there anyway I, or the police, can trace the source of these text messages
selva on July 02, 2011:
hey i've one doubt...how will i knew that my mobile phone is hacked??????
echo on December 14, 2010:
can it hack even when your bluetooth isn't enabled as what my classmates are claiming?
T1 on September 23, 2010:
Hey Man get intouch
hassam (author) from Pakistan on August 02, 2010:
Yea, the hacker has to be in the bluetooth range.
MyInfo411 on August 01, 2010:
Does someone have to be near you or near your home in order to hack into your phone via bluetooth?
Blackstage on May 20, 2010:
Thanks Hassam....some really useful stuff there to assist my with my MSc Forensics ethics assignment on bluetooth hacking
Sunita Bhati on April 15, 2010:
Thanx Hassam........ I found ur article more informative for my dissertation work. I hope u will share more information about bluetooth among us. Thanx....
kiran amin on January 14, 2010:
thank a lot coz u have provided me with the sufficient amount of info that i needed for my project
once again thanks a lot
britneydavidson from united kingdom on August 21, 2008:
Hi hassam being the lover of technolgoy i like your post the best and very very informative. As per my serach result this is first post and its totally unique which i found here in hubpages.