issuhub.com

CEH

(Jeff_L) #1

Summary 367


■ An attacker can remotely control a phone to make phone calls or connect to the


Internet.

■ Attackers have been known to fool victims into disabling security for Bluetooth


connections in order to pair with them and steal information.

■ Mobile phone worms can exploit a Bluetooth connection to replicate and spread.


Bluejacking


Bluejacking is one form of Bluetooth attack that is more annoying than malicious in most
cases. The attack takes the form of sending an anonymous text message via Bluetooth to a
victim. Since this attack exploits the basic operation of the Bluetooth protocol it is hard to
defend against, other than making the device nondiscoverable.
Use the following steps to bluejack a victim or a device:



  1. Locate an area with a high density of mobile users such as a mall or convention center.

  2. Go to the contacts in your device’s address book.

  3. Create a new contact and enter a message.

  4. Save the contact with a name but without a phone number.

  5. Choose Send Via Bluetooth.

  6. Choose a phone from the list of devices and send the message.


If all goes well at this point, your new “friend” should receive the message you just
crafted.


Bluesnarfing


Another example of a Bluetooth attack is bluesnarfing. This attack is designed to extract
information at a distance from a Bluetooth device. If you execute the attack skillfully, you
can obtain the address book, call information, text information, and other data from the
device. Because of the nature of the attack, it is considered very invasive and extremely
dangerous.


Summary


In this chapter we explored wireless technologies, including Wi-Fi and Bluetooth. We
observed that wireless is a powerful and convenient technology that frees users from wires
and allows the network to expand into areas it could not go into before. We also explored
the fact that wireless technologies are very vulnerable and have a whole range of concerns
that don’t exist with traditional networks.
Today’s enterprise is much more likely to have a wireless network in place as well as
numerous Bluetooth-enabled devices. The propagation of signals, the misapplication of
the technology, social engineering, and just plain old mistakes have all led to significant
vulnerabilities in the workplace. An attacker using a notebook, an antenna, and the right

Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2025. All rights reserved.