Wireless technology standard used for exchanging data between fixed and mobile devices over short distances without the need for an Internet connection
Bluetooth Vulnerabilities
Insecure Pairing
Devices establish a connection without proper authentication
Device Spoofing
Attacker impersonates a device to trick a user into connecting
On-Path Attacks
Exploits Bluetooth protocol to intercept and alter communications between devices without either party being aware
Bluetooth Attacks
Bluejacking
Sending of unsolicited messages to Bluetooth enabled devices
Bluesnarfing
Unauthorized access to information from a wireless device over a Bluetooth connection
Takes information from an Bluetooth enabled device
Bluebugging
A more advanced form of Bluesnarfing which allows the attacker to take control of device
The attacker can make calls, send text message’s as well as access the internet
Bluesmack
Type of DoS attack that uses a specially crafted Logical Link Control and Adaptation Protocol packet to target a device
Blueborne
Set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices or spread malware
Security Best Practices
Turning off Bluetooth
Set device to “Non-discoverable” mode
Only pair with known and trusted devices
Always use unique PIN or passkeys for authentication
Be cautious of unsolicited connection requests
Use encryption when sending sensitive data