BLUEJACKING
Bluejacking refers to the process of temporarily hijacking another person's mobile phone or Bluetooth enabled device by sending the other device a text message via the Bluetooth wireless networking system.
In the case of Bluejacking, the sender of a Bluetooth message creates a contact, such as a phonebook contact in a Bluetooth equipped mobile phone, and writes a message in the Name field of the contact.
Bluetooth equipped devices, such as mobile phones are able to search for other Bluetooth equipped devices within a range of about 10 metres. When another Bluetooth equipped device is found, it is displayed in the list of Bluetooth devices on the sender's device (
e.g. a mobile phone screen).
In order for the contact information to be sent to the chosen Bluetooth device, the sender's Bluetooth device needs to be paired with the other Bluetooth device. Bluejacking involves tricking the recipient into pairing their Bluetooth device with the sender's Bluetooth device. When the pairing dialogue is presented on the recipient's Bluetooth device, the sender's Bluetooth device name is displayed. The Bluetooth device name can be more than 200 characters in length, thus by careful naming of the sender's Bluetooth device (
e.g. " free offer, press here to find out more!"), the recipient can be fooled into pairing their device unwittingly.
See Also:
Bluetooth,
Bluesnarfing,
Bluesniping,
Bluetooth Vulnerabilities
Resources