Almost all latest versions of mobile phones, hand held devices, PDAs and laptop computers are equipped with bluetooth data connectivity facility. It is now the most common, simplest and cheapest means of transfer of files between various devices. As buletooth is so common, threats associated with this technology is also increasing. In this article, I am discussing about the threats that an unguarded or poorly configured bluetooth system brings to a mobile phone or PDA user.
Major mobile phone makers provides secure data communication between two devices which are connected using a common password. The initial setup of this connection is called pairing and it is done on the basis of a password which must be entered on both the devices for pairing to be established. There is also a provision that searches for active bluetooth devices near a mobile phone (usually within 10 meters) and a file can be send to the devices detected by the search. In this case, the user of the other phone must give explicit permission to receive files. This is the safe side but it is not so in all cases.
There are programs called bluetooth hackers that works on mobiles with Symbian operating system. I tested two of such programs and they worked great. Both the programs requires a one time pairing or authentication by the victim and once it is done, the device is virtually under the control of the hacking software on the other device. It is possible to make calls, send messages, read SMS and phone book, emulate key sequence etc on the victims phone. The call and data charges will be collected from the victims account. The most critical part is that someone can send a threatening SMS to a celebrity or political leader using this software from your mobile phone and you may not be even aware of this. While considering the fact that according to rules in most countries, sending such SMS will invite severe fine or imprisonment. Personal privacy is another factor. You don't want anyone to read all your messages and contacts without your knowledge, do you? But with programs like this, its next to kidding only! Think what amount of damage you can do with your phone and what are the crimes that can involve your phone; all these can be done by an evil mind by hacking into your mobile device through bluetooth and you are the culprit in front of the law of justice! Strange right?
So what is the way out? First always make sure you buy mobile phones from genuine sources and always stick to popular brands. Some chineese phones comes with bluetooth option without even a provision for a password pairing and they simply accepts all connections if bluetooth is turned on! All popular mobile phone makes use password pairing and always asks for your confirmation to initiate a communication. Next thing is that you turn on bluetooth only when you need it. Do not keep it turned on all the time to receive all the garbage on the streets as you are an easy target for a wandering hacker. Always turn on the option that hides your device from searches made by other devices and disable this option only when in need. Never accept anything from a stranger over your bluetooth connection as this could be a mobile phone virus, copyrighted content or he may be simply trying to hack your phone. If you really need to do so, never pair with the other device instead ask him to search for your device and send the file. You accept the connection for this time only. Another simple but somewhat effective method is to change the bluetooth name of your device occasionally as this would cause some confusion for a hacker at least living nearby. Install a good antivirus and firewall software on your mobile phone so that you can prevent remote installation of malicious programs and data loss. Last but not the least, always handle your phone by yourself. You just can't make sure that others will use your bluetooth technology for legal purpose!
I know, you wanted to know the name of the program that hacks bluetooth. Right? I'm sorry, my lips are sealed.
