Bluetooth-enabled Devices are Security Threat

June 19, 2006

People are not aware of the security risk posed by Bluetooth, according to research by one of the world’s leading anti-virus companies, Kaspersky Lab. The company conducted research in London and in the space of three days detected more than 2,000 Bluetooth-enabled devices in ‘visible to all’ mode – the configuration needed for a hacker to attack the device.

The research was undertaken on the London Underground network during rush-hour; at Victoria, King’s Cross and Waterloo train stations; and at Europe’s largest security exhibition, InfoSecurity 2006. Worryingly, more than half of the 2,000 devices were detected at InfoSecurity, and at one stage the number of devices within range was so large that Kaspersky Lab’s software had trouble processing all the data, with more than 100 devices in ‘visible to all’ mode in a radius of 100 metres.

Despite the number of devices open to attack, Kaspersky Lab didn’t receive a single sample of any mobile virus while in London.

However, mobile phones have previously fallen victim to a range of viruses including Cabir, the most widespread virus that uses Bluetooth to replicate, so it’s important that mobile users are aware of the potential threats.

There are three ways that hackers can exploit Bluetooth to attack mobile phones:

Social engineering – hackers can access information on a user’s phone, either by using Bluetooth to establish a ‘trusted device’ connection, or by persuading the user to lower security/disable authentication for Bluetooth connections.

Protocol vulnerabilities – hackers can steal data from the phone, make calls or send messages, conduct DoS attacks on the device, use a Bluetooth earpiece to listen to calls, etc.

Malicious code – a phone can be infected by a worm, which will then send itself to other devices, by Bluetooth or by MMS. Data on the victim phone may be corrupted, stolen, or encrypted.

Alexander Gostev, Senior Virus Analyst, Kaspersky Lab, comments: “The figures are worrying, particularly those collated at InfoSecurity, where you’d expect people to be far more security conscious – if a single mobile phone had been infected, nearly all vulnerable devices would have been infected in the space of less than an hour.

“It’s worth remembering, however, that mobile phone viruses are nowhere near as prevalent as PC viruses, and as yet there’s no need to panic. But as a precautionary measure, it’s probably worth setting your mobile’s visibility to ‘hide phone’, unless you specifically want to exchange information with someone.”
