Crimes & Privacy Decay

The different types of Bluetooth hacks are:

1. Bluejacking

2. Bluesnarfing

3. Bluebugging

4. Bluetoothing

1. Bluejacking
It is the simplest of the four. The hacker attempts to send a phone contact or business card to another nearby phone. The ‘name’ field of the contact can be misused by replacing it with suggestive text, so that the target device displays it as part of the notification prompt on its screen. This can be thought of as the equivalent of spam e-mail, since both are unsolicited messages displayed at the recipient’s end without consent, and both exploit the inherent nature of the communication channel.

2. Bluesnarfing
It goes a step further and actually accesses or steals data such as messages, calendar, phone book etc. from the target device in an unauthorized manner, which includes bypassing the usual pairing requirement. Here the problem is bigger, since there have been reports of tools that use methods such as device address guessing and brute force to break in, even when the device is configured as ‘invisible’.

3. Bluebugging
In this method the victim device is controlled by the attacker, who sends commands to perform actions as if having physical access to the device. This functionality is analogous to that of Trojans. The tools for Bluebugging include ones that run on PCs, which means laptops with long-range Bluetooth connectivity can be used, which makes things even worse.

4. Bluetoothing

Finally, there is Bluetoothing, which typically means social networking at short range and, from the security point of view, carries the possibility of harassment. There are also programmes for Bluetooth PIN code cracking.

Tools used for hacking
~~~~~~~~~~~~~~~~

1. Super Bluetooth Hack

This Bluetooth hack is one of the most widely used. It is used both by professional hackers and by people who just want to have fun by sneaking into others’ mobiles, without even knowing about the security issues that may arise in doing so. This tool demonstrates characteristics of both Bluesnarfing and Bluebugging.

Security Issues With This Tool
——————————–

Following are the major threats from this application:-

1. To get around pairing, the attacker can employ a bit of social engineering, say renaming the phone to something like ‘Download Updates’ or to the name of a known, target-trusted companion in the vicinity, or even get physical access to the phone and perform a one-time pairing, since subsequent connections do not require any user intervention at the target device. Once connected, a long list of information categories that can possibly be gleaned is displayed.

2. Another threat from this application is that the hacker can gain access to the user’s calls menu and may use it so that the target phone starts dialing the requested number automatically. The attacker even gains access to the options of putting the call on hold or hanging up.

3. Another issue that may arise is that the hacker can fetch the target phone’s entire phone book, dialled calls list etc., which can be saved on the attacker’s device.

4. This application can make the target extremely vulnerable, as it works and fetches a plethora of details, in addition to sending operative commands, without having to be installed on the target device. Usual remote-control applications are installed on both devices and use their own authentication to send commands, whereas Super Bluetooth Hack bypasses this requirement. This shows how intensive Bluetooth surveillance can get, particularly when combined with social engineering.

(Courtesy: Hassam, Hubpages.com)

|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
New hack cracks ’secure’ Bluetooth devices

  • NewScientist.com news service
  • Celeste Biever

    Cryptographers have discovered a way to hack Bluetooth-enabled devices even when security features are switched on. The discovery may make it even easier for hackers to eavesdrop on conversations and charge their own calls to someone else’s cellphone.

    Bluetooth is a protocol that allows different devices including phones, laptops, headsets and printers to communicate wirelessly over short ranges – typically between 10 and 100 metres.

    Over the past few years security experts have devised many ways of hacking into Bluetooth communications, but most require the Bluetooth security features to be switched off.

    In April 2004, UK-based Ollie Whitehouse, at that time working for security firm @Stake, showed that even Bluetooth devices in secure mode could be attacked. His method allowed someone to hijack the phone, giving them the power to make calls as if it were in their own hands.

    Pairing up
    But this technique did not pose a serious risk because it could be performed only if the hacker happened to catch two Bluetooth devices just before their first communication, during a process known as “pairing”.

    Before two Bluetooth devices can communicate they must establish a secret key via this pairing process. But as long as the two devices paired up in a private place there was no risk of attack, explains Chris McNab of the UK security firm TrustMatta.

    Now Avishai Wool and Yaniv Shaked of Tel Aviv University in Israel have worked out how to force devices to pair whenever they want. “Our attack makes it possible to crack every communication between two Bluetooth devices, and not only if it is the first communication between those devices,” says Shaked.

    “Pairing allows you to seize control,” says Bruce Schneier, a security expert based in Mountain View, California. “You can sit on the train and make phone calls on someone else’s phone.”

    Sniffing the airwaves
    During pairing, two Bluetooth devices establish the 128-bit secret “link key” that they then store and use to encrypt all further communication. The first step requires the legitimate users to type the same secret, four-digit PIN into both devices. The two devices then use this PIN in a complex process to arrive at the common link key.

    Whitehouse showed in 2004 that a hacker could arrive at this link key without knowing the PIN, using a piece of equipment called a Bluetooth sniffer. This can record the exchanged messages being used to derive the link key and feed the recordings to software that knows the Bluetooth algorithms and can cycle through all 10,000 possibilities of the PIN. Once a hacker knows the link key, Whitehouse reasoned, they could hijack the device.

    But pairing only occurs the first time two devices communicate. Wool and Shaked have managed to force pairing by pretending to be one of the two devices and sending a message to the other claiming to have forgotten the link key. This prompts the other device to discard the link key and the two then begin a new pairing session, which the hacker can then use.

    Surprisingly easy
    In order to send a “forget” message, the hacker must simply spoof one of the devices’ personal IDs, which can be done because all Bluetooth devices broadcast this automatically to any Bluetooth device within range.

    “Having it done so easily is surprising,” says Schneier. He is also impressed by the fact that Wool and Shaked have actually implemented Whitehouse’s idea in real devices.

    They show that once an attacker has forced two devices to pair, they can work out the link key in just 0.06 seconds on a Pentium IV-enabled computer, and 0.3 seconds on a Pentium-III. “This is not just a theoretical break, it’s practical,” says Schneier.
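
The forced re-pairing described above leaves a trace a defender can watch for: a pairing request arriving from an address the device is already bonded with, often right after that peer claims to have lost its link key. The following Python is an added example, not part of the original articles; the event names, log layout and addresses are constructed for illustration and do not come from any real Bluetooth stack.

```python
from dataclasses import dataclass

# Constructed sample log: "<timestamp> <event> <peer address>".
# Event names are hypothetical, not the output of a real Bluetooth stack.
SAMPLE_LOG = """\
2024-05-01T09:00:01 PAIRING_COMPLETE 00:11:22:33:44:55
2024-05-01T09:00:09 AUTH_OK 00:11:22:33:44:55
2024-05-01T09:14:30 PAIRING_COMPLETE AA:BB:CC:DD:EE:01
2024-05-01T12:41:17 PEER_KEY_MISSING 00:11:22:33:44:55
2024-05-01T12:41:18 PAIRING_REQUEST 00:11:22:33:44:55
2024-05-01T12:50:02 PAIRING_REQUEST AA:BB:CC:DD:EE:02
2024-05-01T13:05:44 BOND_REMOVED_BY_USER AA:BB:CC:DD:EE:01
2024-05-01T13:06:10 PAIRING_REQUEST AA:BB:CC:DD:EE:01
"""


@dataclass
class Alert:
    timestamp: str
    address: str
    reason: str


def find_forced_repairing(log_text):
    """Return an Alert for each pairing request from an already bonded peer."""
    bonded = set()        # peers we hold a stored link key for
    claimed_lost = set()  # bonded peers that reported losing their key
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, event, addr = parts
        addr = addr.upper()
        if event == "PAIRING_COMPLETE":
            bonded.add(addr)
            claimed_lost.discard(addr)
        elif event == "BOND_REMOVED_BY_USER":
            bonded.discard(addr)  # user-initiated removal: re-pairing is expected
            claimed_lost.discard(addr)
        elif event == "PEER_KEY_MISSING" and addr in bonded:
            claimed_lost.add(addr)
        elif event == "PAIRING_REQUEST" and addr in bonded:
            if addr in claimed_lost:
                reason = "peer claimed a lost link key, then asked to re-pair"
            else:
                reason = "re-pair request from an already bonded address"
            alerts.append(Alert(ts, addr, reason))
    return alerts


if __name__ == "__main__":
    for alert in find_forced_repairing(SAMPLE_LOG):
        print(alert.timestamp, alert.address, alert.reason)
```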
