
Bluetooth devices easily hacked

Oct 23 2007 13:31

Cape Town - Bluetooth-enabled devices are vulnerable to unscrupulous hackers, an expert warns.

Bluetooth was invented to connect devices such as cellphones, laptops, PCs, printers, digital cameras and video game consoles over a short-range radio frequency, but like any computer network, using Bluetooth can leave you vulnerable.

"Bluetooth hacking techniques vary tremendously. There are various attacks that have proved to be very effective over the last few years. Some of these attacks include making unauthorised calls and transactions, reading and sending SMSs on a target phone, erasing information and downloading personal information such as phone books and access codes," says ICT security expert Dino Covotsos.

Covotsos is MD of Telspace, a Johannesburg-based company specialising in managed security services. Telspace routinely makes use of Bluetooth vulnerabilities to test the security level of its corporate clients' networks.

"From our case studies and actual attack and penetration tests, we have often utilised specific Bluetooth attacks to gain further entrance into a network," Covotsos says.

"Specific implementations or versions of Bluetooth are susceptible to exploitation because of design flaws and various other factors," he explains. "Hacking Bluetooth is quite a broad subject so in terms of taking advantage of certain devices (not only cellphones) one can literally control the device completely once it is exploited or paired.

"As an example, successful exploitation would include being able to access the entire contents of the phone such as call records, SMSs, keylock codes and so on."

Methods of attack

Covotsos explains that there are many different methods to get confidential information off a mobile device. Bluebugging, Bluesnarfing and Carwhispering are just a few of the most common methods of attack.

"The Bluebug attack, for example, allows attackers to perform unauthorised transactions on vulnerable devices. Distance is very important and is limited by the transmitting power of class 2 Bluetooth radios, which is 10-15 metres. But this distance can be increased with directional antennas."

Bluesnarfing is the best known form of attack and hackers take advantage of the OBEX Push Profile (OPP), which was developed for purposes such as business card exchange. In most cases this service does not require authentication, so attackers can then request common filenames such as pb.vcf, which is the phonebook on a cellphone.

Even a Bluetooth device that is set on "hidden" can be found and broken into. This is possible through a technique known as "brute force scanning". An application called RedFang is used to find non-discoverable Bluetooth devices by forcing the device to reveal the last six bytes of its Bluetooth address and also reading its name. Hackers can then extract confidential information from the device such as phonebook entries and SMSs.

"There are some serious vulnerabilities in certain implementations of Bluetooth which allow for exploitation of the device," Covotsos observes, "so the most vulnerable phone is one which has an older implementation. However people often forget about the social engineering factor for attacks, where it literally takes just a few seconds to pair with a device and once that has been done the device is compromised."

What to do?

There are various ways in which you can prevent your phone, PDA or PC from being exploited.

Firstly, turn off Bluetooth when it is not required rather than leaving it on all of the time. Enable "hidden mode" and change the phone name from the default one, because hackers will usually first go for such known vulnerabilities.

At the very least enable PIN-based authentication and use anti-virus software, although this is a cost factor. Also, keep up to date with firmware and any security updates for the device.

But, warns Covotsos, while newer versions and implementations of software are being brought out continuously, hackers will constantly try to break them - so keeping up to date is essential.

 


Basant Jain
Oct 25 2008 22:05

I like software
 
aditya
Feb 18 2008 13:59

it's a better
 
James
Oct 26 2007 15:41

Actually, it is possible to hack specific implementations of bluetooth on cellular phones by exploiting specific factors within the protocol. Therefore, you don't need specific laboratory conditions to do it - it all depends on the firmware and services running. It's been widely publicized; you don't need to pair with the phone at all using specific implementations of bluetooth. Sorry Pedros! I guess hackers prey on people like you, who think things like this are impossible. In fact what you have written above is far from the truth - there are many open source, freely available tools that help you take control of specific bluetooth devices, without consent of the user. Maybe you should check your facts before writing, and turn off your bluetooth ;)
 
Petros
Oct 25 2007 09:39

This article sounds good in theory but it's quite removed from reality. Bluetooth devices are not at all that easy to hack. The crucial sentence in the article is: "one can literally control the device completely once it is exploited or paired". Saying a device is "exploited" is meaningless?? That word makes no sense in the sentence and was probably only added for effect? You can only access a device if it is paired; pairing requires two-way consent (it's the nature of the Bluetooth protocol). Saying that you can easily hack a Bluetooth device that is paired is the same as saying you can hack my PC if I give you the passwords (that's not hacking, that's consent). In theory it is possible to hack a Bluetooth device given perfect conditions (like in a closed laboratory environment, with the right devices). In reality it's 1000 X easier to steal a phone than to hack it. So much so that it can be said that hacking a phone in a live non-controlled environment without the owner's consent is just about impossible. Please check at least some facts before publishing such sensationalistic rubbish.
 
 