BLUESNARFING
Bluesnarfing exploits a security hole in Bluetooth that lets an attacker download all contact details, along with other information, from a vulnerable Bluetooth-enabled mobile phone, whilst leaving no trace of the attack.
Unlike bluejacking, in which users can send a message to Bluetooth phones without authorisation, this latest discovery for the wireless-data standard allows data, such as telephone numbers and diary entries, stored in a vulnerable device to be stolen by the attacker. The new exploit is called bluesnarfing.
Bluesnarfing is a technique used to extract data from a Bluetooth-enabled mobile phone. The object exchange (OBEX) protocol used in Bluetooth was designed to let users send information such as business card data to other Bluetooth users without authentication. In theory, this may sound like a good idea, but it also adds vulnerabilities. Bluesnarfing can be used to exploit this vulnerability, with paired or unpaired Bluetooth devices, to extract data such as telephone numbers/phonebooks, calendars and diary entries, text entries or images.
Essentially, using the appropriate software, a laptop computer equipped with Bluetooth (either internally, or via a connection such as a PC card slot or a USB port), within range of another Bluetooth device, could discover the other Bluetooth device, connect to it, and download information from it, all without requiring the normal procedure of being paired with the Bluetooth device. There are some provisos, however: the Bluetooth device would have to remain within range (10 metres or so) for a couple of minutes, so Bluesnarfing is likely to be less effective if the person carrying the Bluetooth device is moving around. However, combined with the new Bluesniper device, the capability of a Bluetooth-enabled laptop computer with the appropriate software may become somewhat greater.
Other organisations are advising customers to either turn off their Bluetooth or set it to 'undiscoverable'. This undiscoverable setting allows you to keep Bluetooth on so you can use compatible Bluetooth products, e.g. headsets, computer dongles, but other Bluetooth devices won't discover your device when they're searching for devices.
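The advice above can be checked on a Linux host running BlueZ. The following is an added example, not part of the original page: it parses the text printed by `bluetoothctl show` and reports adapters that are discoverable or pairable. The sample output and its addresses are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of `bluetoothctl show` output for two adapters
# (illustrative values, not captured from a real host).
SAMPLE = (
    "Controller 00:11:22:33:44:55 (public)\n"
    "\tName: laptop-a\n"
    "\tPowered: yes\n"
    "\tDiscoverable: yes\n"
    "\tDiscoverableTimeout: 0x00000000\n"
    "\tPairable: yes\n"
    "Controller 66:77:88:99:AA:BB (public)\n"
    "\tName: laptop-b\n"
    "\tPowered: yes\n"
    "\tDiscoverable: no\n"
    "\tDiscoverableTimeout: 0x000000b4\n"
    "\tPairable: no\n"
)

def parse_show(text):
    """Split the output into one dict of properties per controller."""
    controllers = []
    for line in text.splitlines():
        header = re.match(r"Controller\s+([0-9A-Fa-f:]{17})", line)
        if header:
            controllers.append({"Address": header.group(1)})
        elif controllers and ":" in line:
            key, _, value = line.strip().partition(":")
            controllers[-1][key.strip()] = value.strip()
    return controllers

def audit(ctrl):
    """Return findings for one controller; an empty list means nothing to report."""
    findings = []
    if ctrl.get("Powered") != "yes":
        return findings  # radio is off, so nothing is exposed
    if ctrl.get("Discoverable") == "yes":
        findings.append("discoverable: answers device searches")
        timeout = ctrl.get("DiscoverableTimeout")
        # BlueZ treats a timeout of 0 as "stay discoverable forever".
        if timeout is not None and int(timeout, 16) == 0:
            findings.append("discoverable timeout is 0: never reverts to hidden")
    if ctrl.get("Pairable") == "yes":
        findings.append("pairable: accepts new pairing requests")
    return findings

def audit_all(text):
    """Map each controller address to its list of findings."""
    return {c["Address"]: audit(c) for c in parse_show(text)}

if __name__ == "__main__":
    for addr, findings in audit_all(SAMPLE).items():
        print(addr, "OK" if not findings else "; ".join(findings))
```

A clean result only confirms the setting; it says nothing about devices whose firmware accepts connections while hidden.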
Bluesnarfing is said to affect a number of Sony Ericsson, Ericsson and Nokia handsets, but some models are at greater risk because they invite attack even when in 'invisible mode' -- in which the handset is not supposed to broadcast its identity and should refuse connections from other Bluetooth devices.
Bluesnarfing has huge potential for abuse because it leaves no trace and victims will be unaware that their details have been stolen: "If your phone is in your pocket, you will be completely unaware," he said.
AL Digital has developed several proof-of-concept utilities, but has not released them into the wild, said Laurie. They include: Bluestumbler, to monitor and log all visible Bluetooth devices (name, MAC address, signal strength, capabilities), and identify the manufacturer from MAC address lookup; and Bluesnarf, which can copy data from a target device.
See Also: Bluetooth, Bluejacking, Bluesniping, Bluetooth Vulnerabilities