Your Bluetooth is Showing

Exposed: I’ll bet the Bluetooth on your phone is enabled right now. Here’s how you can tell: when you get in the car, your phone automatically switches to the hands-free option. This is how most people operate. It’s for convenience.

So, what is Bluetooth? It’s like Wi-Fi but for short distances (up to 30 feet or so for most devices), and it’s included with nearly every smartphone. On an iPhone you use it to AirDrop files to your friends. It connects to your wireless earbuds so you can listen to Sgt. Pepper’s Lonely Hearts Club Band. It can also be used to steal files off your phone without your knowledge.

Bluesnarfing: I’m referring to the attack called Bluesnarfing. This attack exploits a weakness in some mobile Bluetooth implementations and allows unauthorized access to the personal information stored on your phone.

Here’s the scenario. You are attending an event outdoors and properly observing the government-recommended social distance of six feet. Maybe you’re at the grocery store or one of the few remaining restaurants in town that still allow sit-down dining (like Dickies over by Food City). Someone sits six feet away from you. They then create a Bluetooth connection to your smartphone and capture the data stored on it. All without your notice or consent!

Who Cares: Why is this important to you? This attack can expose your emails, contact lists, and text messages. Literally anything you store on your phone. Do you have a photo of your driver’s license or social security card in there? Anything else you don’t want to become public?

Maybe you think the risk isn’t very high. I mean, how important are you really? In a way, this is conceptually similar to ransomware attacks. Your data is held for ransom. If an attacker gets access to any sensitive data on your phone, they can simply email you anonymously and request a few Bitcoin to have the data deleted. In case you were wondering, at the time of this writing, Bitcoin traded for $11,345.96 per coin. So yes, it’s worth the effort for someone to steal your data.

Can I Stop It: Now you may be wondering how you can mitigate this attack, or if it’s even worth it to try. I mean, are you really at risk? Mitigation is easy. Turn off the Bluetooth when you are in public places. It takes almost no effort on your part. As for risk: do you have sensitive data on your phone?

Bluebugged: Now that I have your attention, Bluesnarfing isn’t the only thing that should terrify you. The really scary one is Bluebugging. Bluebugging allows an attacker to have complete control over your phone. If your phone is bluebugged, an attacker can make and receive calls over your phone, AND eavesdrop on YOUR phone calls.

Be Cautious: I am not saying that you should stop using the conveniences of Bluetooth technology, but I am suggesting that you protect yourself in a crowd. Turn it off temporarily. If you are dealing with sensitive data, turn it off. If you start seeing messages that indicate someone can see you, like “Nice hat,” or your data usage unexpectedly spikes, you might be hacked. It’s time to reset your phone to factory settings. Bluetooth technology is awesome, so enjoy it. Just be aware of the dangers that lurk in crowds.