Recently a new threat to devices came into the news that is Bluebugging.
What is Bluebugging
According to Wikipedia, “Bluebugging is a form of Bluetooth attack often caused by a lack of awareness. It was developed after the onset of bluejacking and bluesnarfing. Similar to bluesnarfing, bluebugging accesses and uses all phone features but is limited by the transmitting power of class 2 Bluetooth radios, normally capping its range at 10–15 meters. However, the operational range can be increased with the use of a directional antenna.”
How does Bluebugging work
Times of India said, “Bluebugging works by exploiting Bluetooth-enabled smartphones, most of which are not in “discoverable mode” by definition. The hacker then uses “brute force” to pair with your Bluetooth device, permuting all possible passwords and passcodes until it guesses the correct one, bypassing the smartphone firewall defence mechanism. They can then use malware to gain unauthorised access to users’ data. sers.pen whenever a user comes within the hacker’s range. However, some professionals even use “booster antennas” to expand their range.”
How to avoid Bluebugging
They also said, “To prevent, one must immediately switch to using VPN services. A virtual private network or VPN establishes a secure, encrypted connection between your device and the internet, shielding your data and communications while you use public networks. First and foremost, users must remember to disconnect paired bluetooth devices when not in use.”
Techopedia said, “Because discoverable mode is a default setting, most Bluetooth-enabled mobile phones and devices are automatically vulnerable to bluebugging attacks. Certain tools – such as RedFang and BlueSniff – allow hackers to infiltrate Bluetooth-enabled devices that are not in discoverable mode.
Bluebugged devices are vulnerable to one or more of the following scenarios:
- A device can be remotely controlled, which allows hackers to intercept or reroute communication.
- Hackers may send and read text messages.
- Hackers may place or monitor phone calls.
- Hackers may do all of the above without leaving a trace.”