THE BLUES – BLUEBUGGING; BLUEJACKING AND BLUESNARFING

THE BLUES – BLUEBUGGING; BLUEJACKING AND BLUESNARFING

                These attacks are made through Bluetooth and target laptops, mobile phones, PDAs as well as every device with BLUETOOTH capability.

BLUEBUGGING:

                Blue bugging allows a virtual takeover of the target phone; manipulating the phone into compromising its security, so as to create a BACKDOOR attack without notifying or alerting the phone user; allowing attacker to “take control” of a victim’s phone. After taking control of the phone, BLUEBUGGER can make calls, send messages, read phonebooks, examine calendars as well as eavesdrop on phone conversations also.

                BLUEBUGGEER also has the capability to create call forwarding application , whereby he receives calls intended for the targeted phone and listen to any conversation is victim is having , in real time. Earlier, the range for this type of attack was 10 to 20 meters, but recently, due to advancement in technology its operational range has been increased tremendously with the help of directional antennas.

BLUEJACKING:

                This is a minor version of BLUEBUGGING which involves sending anonymous, unwanted messages to other users with Bluetooth enabled mobile phones or laptops. BLUEJACKING depends on the ability of Bluetooth Phones to detect and contact other Bluetooth phones or devices nearby. This Bluejacking feature was originally intended for exchanging contact details or electronic business cards, adds new entry in the phone’s address book, types in messages and sends it through Bluetooth, searches for other phones and if finds one, sends the messages.

                Bluejacking is essentially harmless, since the Bluejacker does not steal personal information or take control of your phone, but it can be a problem, if it is used to send obscene or threatening messages by criminal minded attacker.

BLUESNARFING:

                The theft of data from the Bluetooth phone is called BLUESNARFING. Here, attacker can discover a nearby phone/laptop by just using the right type of software on his laptop or phone,  and connect to it without user’s confirmation and can download essentials such as phonebook, e-mails, pictures and private videos, calendar and even the mobile phone’s serial no. to clone the entire phone information. The potential victims is not safe here even though his Bluetooth is off. He can be Bluesnarfed.  As a device in “hidden” status may also be Bluesnarfed by guessing the device’s MAC address via a BRUTE FORCE ATTACK.

                BT (Bluetooth) CRAWLER is a scanner for Windows Mobile based devices that implements Bluejacking and Bluesnarfing.