Tuesday, February 2, 2016

What is BlueSniping ?



Attackers often find numerous ways to steal sensitive data from devices. Even Bluetooth enabled devices are not safe from attackers. And, BlueSnarfing is an example of such threat.

As discussed in BlueSnarfing, using this technique attackers connect to Bluetooth enabled devices, especially in public places and get access to all data stored in the Bluetooth enabled devices.





But, attackers found limitations of this technique. BlueSnarfing is applicable to Bluetooth enabled devices which are placed within a range of few meters. Clearly, it is much inconvenient for attackers to make this attack.

And, BlueSniping is a technique used by the attackers to counter that. It is a technique which is used by the attackers to increase the range of attacked Bluetooth devices even up to a mile (1.6 km). Attackers use BlueSniping to get information about Bluetooth enabled devices which are within a range of upto a mile and connect to them to steal sensitive information from them.


How is BlueSniping done ?


BlueSniping is done by the attackers using a specialized hardware called BluSniper Gun. It is normally made with hardware pieces like Folding Stock, Yagi Antenna and Linux powered embedded PC.

On placing the BlueSniper Gun in a suitable location, all the discoverable Bluetooth enabled devices show up in the PC. The attackers can now connect to them to steal sensitive data from them.

Attackers can even use several BlueSniper Guns to locate moving Bluetooth devices.


How to prevent BlueSniping ?


The most common way of mitigating this attack is to disable Bluetooth of devices in public places or whenever it is not needed.

One can change settings of devices to make the devices non-discoverable when not needed. This will prevent the devices from being listed to the attackers when the attackers scan for Bluetooth enabled devices in nearby places. But, this cannot prevent BlueSniping of those devices completely. Because, attackers can use a device's MAC address to pair with a Bluetooth enabled device, even when it is in non-discoverable mode. Each Bluetooth device has a unique 48 bit MAC address, which consists of first 24 bits of manufacturer specific information and remaining 24 bits of unique information specific to the device. But, this can at least safeguard us in a better way.


So, beware of all security vulnerabilities so that you can protect your devices and the data within in a better way and stay safe, stay secured.

No comments:

Post a Comment