Bluesnarfing – Are you under attack?

First it was your computer and now it appears that even your mobile could be under attack.

It started with ‘Blue Jacking’ which allowed users to send a message to Bluetooth phones without authorisation. Now a new phenomenon has emerged called ‘Bluesnarfing’ (not to be confused with the harmless blue Smurf).

According to AL Digital, a networking and security firm, phones that were vulnerable to such a bluesnarfing attack include: Ericsson T68; Sony Ericsson R520m, T68i, T610 and Z1010; and Nokia 6310, 6310i, 7650, 8910 and 8910i. In such an attack all contact details, along with other information, are downloaded from a vulnerable phone whilst leaving no trace of the intrusion or theft.

Nokia are aware of these “security issues” and have admitted that a bluesnarf attack “may happen in public places, if a device is in the ‘visible’ mode, and the Bluetooth functionality is switched on.

The phones vulnerable to ‘snarf’ attack include the Nokia 6310, 6310i, 8910 and 8910i phones as well as those from another manufacturer”.

However some models invite attack even when in ‘invisible mode’, when the handset is not supposed to broadcast its identity and should refuse connections from other Bluetooth devices.

The 7650 phone has a different set of problems. If an attacker gains physical access to this model, then not only would the bluesnarf attack be possible, but it would also allow the attacker’s own Bluetooth device to “read the data on the attacked device and also send SMS messages and browse the web via it.”

Nokia cannot confirm if the other models are also vulnerable to this type of abuse, although so far they have been unable to recreate this “backdoor” attack on their 6310i handset.

They have, however, admitted that the 6310i is vulnerable to a Denial of Service attack, where the phone receives a “corrupted” Bluetooth message:

“A DoS attack would happen if a malicious party sends a malformatted Bluetooth… message to re-boot a victim’s Nokia 6310(i). We have repeated the attacks and found that there are some corrupted Bluetooth messages that could crash the Nokia 6310(i) phone,” said the company spokesperson. Nokia are obviously trying to play down these problems by reassuring customers that, following the crash, the phone will reset and function normally.

Nokia do not intend to release a fix for these devices for the time being. As they say, the attacks are limited to “only a few models” and are not expected to “happen at large”.

“In public places, where the above mentioned devices with Bluetooth technology might be targets of malicious attacks, at least in theory, the safest way to prevent hackers is to set the device in non-discoverable mode – ‘hidden’ – or switch off the Bluetooth functionality. This does not affect otherfunctionalities of the phone”.


Whether the problem of Bluesnarfing should be considered a great threat or not, is up to the individual phone owner. However, as with so many technology-based problems, there is always huge potential for future abuse and the possibility of becoming yet another security problem. It is unlikely to affect other Bluetooth devices such as laptops. Their systems are far more complex, making them harder to target, unlike mobiles which have far more limited resources for menus and configuration.

If nothing else, it makes you wonder if any mode of communication is safe anymore. Maybe the return to smoke signals and carrier pigeons is just around the next corner….

..

k

add to del.icio.us : Add to Blinkslist : add to furl : Digg it : add to ma.gnolia : Stumble It! : add to simpy : seed the vine : : : TailRank : post to facebook

Add to Technorati Favorites

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s