In ContextÂ
Cybersecurity experts note that apps that let users connect smartphones or laptops to wireless earplugs can record conversations, and are vulnerable to hacks.Â
- Through a process called bluebugging, a hacker can gain unauthorised access to these apps and devices and control them as per their wish.
What is bluebugging?
- Background: Independent security researcher Martin Herfurt blogged about the threat of bluebugging as early as 2004.
-  the bug exploited a loophole in Bluetooth protocol, enabling it to download phone books and call lists from the attacked user’s phone.
- It is a form of hacking that lets attackers access a device through its discoverable Bluetooth connection.Â
- Once a device or phone is bluebugged, a hacker can listen to the calls, read and send messages and steal and modify contacts.
- Â It started out as a threat to laptops with Bluetooth capability.
- Â Later hackers used the technique to target mobile phones and other devices.
- Threats: Bluebugging attacks work by exploiting Bluetooth-enabled devices.
- The device’s Bluetooth must be in discoverable mode, which is the default setting on most devices.
- Â The hacker then tries to pair with the device via Bluetooth. Once a connection is established, hackers can use brute force attacks to bypass authentication.Â
- They can install the malware in the compromised device to gain unauthorised access to it. Bluebugging can happen whenever a Bluetooth-enabled device is within a 10-meter radius of the hacker
- Ways to prevent: Turning off Bluetooth and disconnecting paired Bluetooth devices when not in use, updating the device’s system software to the latest version, limiting use of public Wi-Fi, and using VPN as an additional security measure are some of the ways to prevent bluebugging,Â
- Users must also watch out for suspicious activities on their devices,Â
Source: TH
