Some smartphone apps make use of Bluetooth without the user’s knowledge. App manufacturers want to collect your data and track your location for their benefit. It doesn’t necessarily mean that the apps are unauthorized – they can be legitimate, like Facebook and YouTube.
Small software and hardware devices that use the Bluetooth protocol as mini-transmitters. They can be placed throughout different locations or given to people to broadcast offers or ads depending on where that person is located in a store. Beacons transmit BLE signals up to 80 meters, while the RuuviTags transmit signals up to 1 kilometer.
The wireless protocol designed to communicate on a 2.4GHz frequency using a Personal Area Network (PAN).
Typically associated with older versions of Bluetooth, bluebugging is an attack centered on manipulating a device without the owner’s knowledge. Hackers can “bluebug” to eavesdrop on phone calls, connect to the Internet, send/receive text messages, or even make calls.
This is the most dangerous type of Bluetooth attack. Even if the Bluetooth on your smartphone is in invisible mode, it can still be attacked with the bluesnarfing method. However, being set on invisible mode makes it more difficult for attackers to figure out the model and name of your device. Attackers use this method when they want to access data on your phone. Such data can include addresses, calendar information, bank details, and IMEI (International Mobile Equipment Identity), which can be used to route your incoming calls to their cellphones. To protect your device from bluesnarfing, regularly update your device software and make sure that your Bluetooth is in invisible mode when in use. Also, switch it off when you’re not using it.
Bluejacking involves exploiting the Bluetooth electronic business card feature by using it as a message carrier. This way, the attacker can send offensive messages to any available devices located in the vicinity. The attacker needs to be within 10 meters of your device in order to hack it. This is not such a serious type of attack because your data is not in danger of being used or extracted. Put your smartphone in invisible or non-discoverable mode or disconnect immediately once you are done using the Bluetooth.
If you’ve ever had a problem with malware taking control of your smartphone, you likely experienced a blueborne attack. Attackers infect a device with malicious code to take control of it. It works like an airborne virus – if a device is infected with this malware, it can infect any other devices it connects with using Bluetooth. Devices with outdated software and without VPNs are more vulnerable to blueborne attacks. If your smartphone is not up-to-date and you have a habit of leaving your Bluetooth on (even when not using it), your device is exposed to blueborne (as well as many other) attacks.
Bluetooth Basic Rate (Bluetooth BR)
The first version of the Bluetooth protocol (v1.0), which allowed the transfer of data at rates up to 0.7 Mb/s.
Bluetooth Enhanced Data Rate (Bluetooth EDR)
The next version of the Bluetooth protocol (v2.0), which was 2-3x faster than Bluetooth BR.
The original version of Bluetooth that had high power consumption rates.
Bluetooth Connection Speeds
Bluetooth Classic can take approximately 100 milliseconds to connect, while BLE only takes a few milliseconds.
Bluetooth Distance Capabilities
Depending on the radio(s) in question, Bluetooth can communicate over a distance of 164 feet (50 meters).
Bluetooth Low Energy (BLE)
Version 4.0 of the Bluetooth protocol. This version of the Bluetooth protocol was designed to be more efficient and allow batteries in devices to last longer because they have less drain. It was also known as Wibree or Bluetooth Smart. It allows radios to use BR/EDR only, BLE only, or dual radios with BR/EDR and BLE.
Profiles help the Bluetooth protocol understand exactly how and what language to speak to specific devices. These profiles are used to provide infrastructure and a common backbone so that vendors implement Bluetooth in a very specific and methodical way. Profiles are grouped together by specific device type, and each provides related functionality to a given Bluetooth device. For more detailed information, see our post on Bluetooth Classes.
Bluetooth Release History
- Version 2.0 in 2004
- Version 3.0 in 2009
- Version 4.0 in June 2010
- Version 5.0 in July 2016
When you buy a new car, you should change the manufacturer’s PIN on the Bluetooth-enabled entertainment system to avoid car whisperer Bluetooth attacks. This type of attack enables hackers to send/receive audio through your vehicle’s sound system.
Class of Device
The Bluetooth protocol executes specific functions based on the Class of Device. Bluetooth connects to a device, determines its major and minor classes, and then loads a profile relevant to the classes it needs. For more detailed information, see our post on Bluetooth Classes.
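To make the major/minor class lookup concrete, here is an added example (not from the original page) that decodes the 24-bit Class of Device value and flags devices whose advertised class differs from an inventory. The lookup tables are a partial subset of the Bluetooth Assigned Numbers, and the addresses, inventory and function names are constructed for illustration.

```python
# Added example: decode the 24-bit Class of Device (CoD) field.
# Layout: bits 0-1 format, bits 2-7 minor class, bits 8-12 major class,
# bits 13-23 major service classes. Tables are a partial subset.
MAJOR_CLASSES = {
    0x00: "Miscellaneous", 0x01: "Computer", 0x02: "Phone",
    0x03: "LAN/Network Access Point", 0x04: "Audio/Video",
    0x05: "Peripheral", 0x06: "Imaging", 0x07: "Wearable",
    0x08: "Toy", 0x09: "Health", 0x1F: "Uncategorized",
}
# The meaning of the minor class depends on the major class;
# only two majors are listed here, others fall back to the raw value.
MINOR_CLASSES = {
    0x02: {1: "Cellular", 2: "Cordless", 3: "Smartphone"},
    0x04: {1: "Wearable Headset", 2: "Hands-free",
           5: "Loudspeaker", 6: "Headphones"},
}
SERVICE_BITS = {
    13: "Limited Discoverable Mode", 16: "Positioning", 17: "Networking",
    18: "Rendering", 19: "Capturing", 20: "Object Transfer",
    21: "Audio", 22: "Telephony", 23: "Information",
}

def decode_cod(cod):
    """Split a CoD integer into major class, minor class and services."""
    if not 0 <= cod <= 0xFFFFFF:
        raise ValueError("Class of Device is a 24-bit value")
    major = (cod >> 8) & 0x1F
    minor = (cod >> 2) & 0x3F
    return {
        "major": MAJOR_CLASSES.get(major, f"Reserved (0x{major:02X})"),
        "minor": MINOR_CLASSES.get(major, {}).get(minor, f"0x{minor:02X}"),
        "services": [name for bit, name in sorted(SERVICE_BITS.items())
                     if cod & (1 << bit)],
    }

def class_mismatches(expected, observed):
    """Return addresses whose advertised major class differs from inventory."""
    return sorted(addr for addr, cod in observed.items()
                  if addr in expected
                  and decode_cod(cod)["major"] != expected[addr])

# Constructed sample data: inventory of expected classes vs. scanned CoD values.
EXPECTED = {"00:11:22:33:44:55": "Audio/Video", "00:11:22:33:44:66": "Phone"}
OBSERVED = {"00:11:22:33:44:55": 0x002540, "00:11:22:33:44:66": 0x5A020C}

if __name__ == "__main__":
    for addr, cod in OBSERVED.items():
        print(addr, decode_cod(cod))
    print("Mismatched:", class_mismatches(EXPECTED, OBSERVED))
```

A device recorded as an audio accessory that advertises itself as a Peripheral (the class used by keyboards and mice) is worth a closer look before it is allowed to pair.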
Denial of Service (DoS)
A DoS is a type of attack involving an attacker pairing his or her Bluetooth device to another device, and it is the easiest attack hackers can perform. The damage is usually minimal because data is not jeopardized. Instead, a denial of service attack prevents the user from effectively using the device or service. Also, you may be able to see who is attacking you because it requires the attacker to be in close proximity.
Frequency Hopping Spread Spectrum (FHSS)
FHSS is a wireless technology that divides the frequencies it uses into multiple subfrequencies. It then hops rapidly among these bands, changing frequencies frequently. This makes communications more reliable, less subject to interference, and more difficult to intercept.
People most prone to location tracking Bluetooth attacks are fitness enthusiasts. They are always connected to their Bluetooth devices because their wearables (e.g., fitness trackers) are used to track their fitness progress. Attackers who are interested in your location may hack your device.
The process of setting up two or more devices to communicate with each other. In some cases, a secure PIN confirmation process is required.
A piconet is a personal area network (PAN) that Bluetooth creates in order to communicate between multiple devices. When a piconet is created, members randomly hop frequencies so they can stay connected while avoiding other piconets that are operating in the same vicinity. A piconet can contain 2 – 8 Bluetooth member devices, typically with a single master device and up to 7 slaves.
Measured in microamperes, with a peak power consumption of 15-20 mA. BLE devices can be powered by button or coin cell batteries for years. BLE devices’ power consumption is usually around just 1-5% of the power consumption of Bluetooth Classic devices.
Profiles tell the Bluetooth protocol how to communicate with different device types. There are approximately 36 profiles. Examples include the Advanced Audio Distribution Profile (A2DP), Human Interface Device (HID), Hands-Free Profile (HFP), and Headset Profile (HSP).
Radio Frequency (RF)
Any technology that uses radio signals to communicate between people or devices.
BLE (Bluetooth Low Energy) only wakes up when initiating and using a connection.