Bluesnarfing is the theft of information from the target device or the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, and laptops. Bluetooth is a high-speed but very short-range wireless technology for exchanging data between desktop and mobile computers, personal digital assistants (PDAs) and other devices. This attack is perpetrated without the victim’s knowledge.
Bluetooth enabled devices to communicate with each other using a protocol called OBEX or OBject Exchange. BlueSnarfing uses security vulnerabilities of that protocol.
In BlueSnarfing, the attacker first scans for Bluetooth enabled devices, especially in public places. Then they pair with those devices without the user’s consent. The attackers normally use some software to do BlueSnarfing. This software enables them to get illegal access to those devices, using which they get control of the information stored in the devices.
Adam Laurie of A.L. Digital-first discovered this vulnerability. Since then this attack has affected many users. There are quite a number of software available which can enable attackers to make this attack.
When a device is bluesnarfed, the perpetrator is able to access all the data. Besides the data, the hacker can make calls, send texts, access the contact list, notes, emails, images, videos, memos, etc.
Prevent BlueSnarfing attack:
Update: Update the Bluetooth version to the latest. Not to mention, a device without security updates is vulnerable to any kind of attacks.
Make it non-discoverable: Make a habit of turning off the Bluetooth connection. This not only avoids bluesnarfing attacks but also save the battery power of Bluetooth devices.
Do not accept pairing request from an unknown device: Always double check before you pair your device with an unknown device. The most common technique used in this attack is sending you an unsolicited business card. If you accept the request, bluesnarfer becomes a reliable device and can access your data.
Keep away sensitive information: In the first place, never store the sensitive information on a Bluetooth-enabled device. Remember, even though the best security measures can and will be breached.
To know more about security news, Frequently check THEWEBORION