The story so far:
CCybersecurity experts note that apps that allow users to connect smartphones or laptops to wireless earbuds can record conversations and are vulnerable to hacks. Even the most secure smartphones like the iPhone are vulnerable to such attacks. Any app with access to Bluetooth can record users’ conversations with Siri and audio from the iOS keyboard dictation feature when wearing AirPods or Beats headsets, some app developers say. Through a process called bluebugging, a hacker can gain unauthorized access to these apps and devices and control them as they wish.
What is bluebugging?
It is a form of hacking that allows attackers to gain access to a device through its discoverable Bluetooth connection. Once a device or phone is jailbroken, a hacker can listen to calls, read and send messages, and steal and change contacts. It started as a threat to Bluetooth enabled laptops. Later hackers used the technique to target mobile phones and other devices.
Independent security researcher Martin Herfurt blogged about the bluebugging threat as early as 2004. He noted that the bug exploited a loophole in the Bluetooth protocol, allowing it to download phonebooks and call lists from the attacked user’s phone.
How does bluebugging hack devices?
Bluebugging attacks work by exploiting Bluetooth-enabled devices. The device’s Bluetooth must be in discoverable mode, which is the default setting on most devices. The hacker then tries to pair with the device via Bluetooth. Once a connection is established, hackers can use brute force attacks to bypass authentication. They can install malware in the compromised device to gain unauthorized access to it. Bluebugging can happen when a Bluetooth-enabled device is within a radius of 10 meters from the hacker. However, according to a blog by VPN service provider NordVPN, hackers can use booster antennas to extend their attack range.
How to prevent bluebugging?
Turning off Bluetooth and disconnecting paired Bluetooth devices when not in use, updating the device’s system software to the latest version, limiting the use of public Wi-Fi and using a VPN as an extra security measure are some of the ways to prevent bluebugging, Shubho Pramanik, senior vice president, Applied Cloud Computing, a Thane-based cloud service provider, said The Hindu.
Most devices make Bluetooth visible by default, making your devices susceptible to unwanted connections. So the first step would be to make your Bluetooth devices undiscoverable from Bluetooth settings. This will keep them invisible to hackers, thus preventing them from pairing with the device, NordVPN said in the blog.
Users should also watch out for suspicious activity on their devices, NordVPN suggested. “If your phone suddenly disconnects and reconnects to calls, or if you notice messages that haven’t been sent by you, it could indicate that someone is controlling your device. Reset your device to factory settings or uninstall apps you don’t recognize.” One should also monitor sudden peaks in data usage. If the amount of data used suddenly increases beyond reason, someone could control the device as part of a data-eating botnet, NordVPN said.
Modern antivirus software can also help prevent such attacks. The new antivirus software helps users detect strange and spam-like content by filtering, blocking and consistently reminding people to be vigilant, said Manoj Kumar Shastrula, CEO and founder, SOCLY.io, a cybersecurity company The Hindu.
Which devices are most vulnerable to such attacks?
Any Bluetooth-enabled device can be bluebugged. Wireless earbuds are vulnerable to such hacks. Apps that allow users to connect TWS (True Wireless Stereo) devices or earbuds can record calls. The apps for these TWS devices can record calls. Once hacked, the attacker can make and listen to calls, read and send messages, and change or steal your contacts, Pramanik said.
Apple has also previously acknowledged that wireless earbuds can record calls. “An app may be able to record audio using a connected pair of AirPods,” Apple said on its support page as it released fixes for the issue. However, smartphones are more vulnerable to this type of hacking as most users leave Bluetooth on in public places, where hackers can lurk.
Today, many smartphones have their Bluetooth settings on discovery mode, making it easy for hackers to access the phones when they are within 10 meters of the device. Some earlier models of Bluetooth phones were vulnerable to bluebugging but have since been patched, said Arindam Mitra, co-founder, CTO and President of Services, ProcessIT Global. The Hindu. However, devices with short PINs for a password can be easily cracked with brute-force computing and may also be vulnerable to these attacks, Mr. Mitra added.