P L RAJ IAS & IPS ACADEMY - AN INSTITUTION FOR IAS, IPS AND TNPSC EXAMINATION

BLUEBUGGING - SCIENCE AND TECHNOLOGY

News: What is bluebugging, and how is it used to hack Bluetooth-enabled devices?

What's in the news?

● Cybersecurity experts note that apps that let users connect smartphones or laptops to wireless earplugs can record conversations, and are vulnerable to hacks.

● Even the most secure smartphones like iPhones are vulnerable to such attacks.

● Any app with access to Bluetooth can record users conversations with Siri and audio from the iOS keyboard dictation feature when using AirPods or Beats headsets, some app developers say.

● Through a process called bluebugging, a hacker can gain unauthorized access to these apps and devices and control them as per their wish.

Bluebugging:

● It is a form of hacking that lets attackers access a device through its discoverable Bluetooth connection.

● Once a device or phone is bluebugged, a hacker can listen to the calls, read and send messages and steal and modify contacts.

How does Bluebugging hack devices?

● Several smartphones have their Bluetooth settings on discovery mode as it is a default setting, making it easy for hackers to access the phones when they are within 10metres from the device.

● Once a connection is established, hackers can use brute force attacks to bypass authentication.

● They can install malware in the compromised device to gain unauthorized access to it.

Which devices are most susceptible to such attacks?

● Any Bluetooth-enabled device can be bluebugged. Wireless earbuds are susceptible to such hacks.

● Apps that enable users to connect to their TWS (True Wireless Stereo) devices or earbuds can record conversations.

● The apps of these TWS devices can record conversations.

● Once hacked, the attacker can make and listen to calls, read and send messages, and modify or steal your contacts.

How to prevent bluebugging?

● Turning off Bluetooth and disconnecting paired Bluetooth devices when not in use.

● Updating the device’s system software to the latest version.

● Limiting the use of public Wi-Fi.

● Using VPN as an additional security measure.

● Modern anti-virus softwares can also help thwart such attacks.