Crossbow Labs

Crossbow Labs Logo

Is Your Bluetooth Vulnerable ? – A quick read on Bluesnarfing attacks

Back in the 90’s, when Bluetooth entered the market as a disruptive wireless technology and revolutionized the way we exchange data, it was apparent that the exploiting attacks will soon follow to intercept communication and steal data. In 2003, Adam Laurie (A.L. Digital) discovered the security vulnerabilities in the Bluetooth devices for the first time, these amounted to three of the most prevalent attacks – Bluesnarfing, Bluebugging, and Bluejacking. Blusnarfing allows for unauthorized access to data present in a device while Bluebugging takes full control of the Bluetooth device, and Bluejacking is limited to only unwanted transfer of data without any access to the other data present in the device. In the current scenario, these attacks can happen only if the Bluetooth connection is turned on, that is if a device is ready to be paired or is discoverable. Not just devices, these attacks also extend themselves to wireless systems where network security is bypassed through rogue access points.

Getting into the details

The commonly compromised protocol to enable Bluesnarfing is Object Exchange (OBEX) Protocol. This protocol enables the exchange of data between the connected devices while most of its sub-services don’t require any authentication to validate the device sending or receiving the data, like OBEX Push Profile which allows for each exchange of data. Once attacker pairs an OBEX Push Target with an OBEX GET request for the known data files, unauthorized information exchange is performed.

Another latest technique reported by the Center for IT-Security, Privacy and Accountability (CISPA) in 2019 was Key Negotiation of Bluetooth (KNOB). This technique allows attackers to execute the man-in-the-middle attack by using Bluetooth’s vulnerable authentication protocols comprising weaker encryption when connecting with the target device.

KNOB’s official website reads, “We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices). At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack.”

One serious implication of these attacks could be on the trending smart lock feature. This feature allows your devices to be in ‘unlock’ mode when they are connected to a trusted device, like laptop and cellular phone or cellular phone and smart watch. As much as this technology is convenient, it increases the probability of attacks and device tracking by broadcasting its identity in the device range.

How do you safeguard from Bluesnarfing attacks?

  1. Do you really need it ?
    The most obvious way to safeguard the devices and information from Bluesnarfing attacks is by turning off the Bluetooth utility when it is not required or keep them in ‘invisible’ mode. Also, being prudent enough to not accept pairing requests from unknown users and in public areas minimises the threat vectors. The usage of Bluetooth should be avoided while exchanging sensitive data.
  2. Stay updated
    Another word of advice would be to keep the firmware on bluetooth devices updated. This should effectively tackle firmware vulnerabilities.
  3. Take the help of tools

     

    Anti-Bluesnarfing tools are available in the market to enable the detection of unauthorized access to the device and information. In another category of Anti- Bluesnarfing solutions, tools act as sensors whereby they pinpoint and position potential high-risk Bluetooth devices used for Bluesnarfing in an indoor setup.
    Another alternative for securing against Bluetooth attacks is by modifying the configuration setting in the Anti-Bluesnarfing tools to request for mandatory approval from the user for unsolicited connection requests and messages or business cards, i.e., strong authentication for pairing.
  4. Watch out on battery usage
    Periodic monitoring of data usage on your devices can help in detecting any suspicious activities. Incase, suspicious activity is noticed the best way to cut off the further damage is by turning off the device and resetting the device to factory settings.

Make way for Bluetooth 5.0

As we have advanced into better, wider, and faster upgrades of the bluetooth technology – Bluetooth 5.0, we must not forget the ease, speed, and reach with which attackers can now execute a breach. Though, Bluetooth 5.0 allows device authentication, it is sans user authentication. Enabling a user authentication enabled application while using Bluetooth 5.0 could significantly secure one against the Blue snarfing attacks. Bluetooth will undergo several iteration to incorporate security but we certainly need to rely on the controls around the usage of Bluetooth technology.